GRC Policy Analyst

Job Title: GRC Policy Analyst I

Reports to: Head of GRC

Job Location: Los Angeles, CA, USA

Job Status: Exempt

About SHEIN

SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from global network of vendors, all at affordable prices. Headquartered in Singapore, SHEIN remains committed to making the beauty of fashion accessible to all, promoting its industry-leading, on demand production methodology, for a smarter, future-ready industry. Founded in 2012, SHEIN has more than 16,000 employees operating from offices around the world, and continues to expand operations globally. Join SHEIN and be the future!

Position Summary

SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.

We're seeking a full-time GRC Policy Analyst I for our Los Angeles-based corporate office, who will be responsible for implementing and maintaining the policy framework, lifecycle, and supporting processes. This position will be part of a team of governance, risk, and compliance experts and work with technology and legal partners and business units to meet our global policy and compliance needs.

The ideal candidate should have a good understanding of general security technologies and best practices, industry standard compliance frameworks, and experience in global data privacy laws and regulations. This role must work effectively with development, engineering, and operations counterparts as well as internal and external partners across all security and regulatory areas to develop and maintain comprehensive security policies, standards, and guidelines in accordance with regulatory requirements and industry best practice to protect SHEIN data, services, and information assets.

Job Responsibilities

• Draft security and privacy policies, taking into account applicable legal and regulatory requirements, industry best practice and standards, new technologies, threat landscape, and SHEIN business needs.
• Develop supporting documentation, including policy release notes, implementation guidance, and executive summaries in support of policy communication and implementation.
• Maintain policy cross references to relevant industry standards, such as ISO 27k, NIST, PCI DSS, EU NIS 2
• Manage policy exceptions, including analysis, reporting, and approvals.
• Establish relationships and work with relevant stakeholders across the enterprise to support the policy management lifecycle.
• Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the policy strategy, roadmap, and framework.
• Support integration and maturation of policy, compliance, and risk frameworks

Job Requirements

• Bachelor’s degree or higher in information security, writing, or similar field of study
• A minimum of 5 years of practical experience in technical policy writing with expert proficiency in the English language
• Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly
• Experience in developing and deploying policy management programs, preferably with international experience in an e-commerce or technology related industry
• Relevant security certifications, such as CISSP, CISM, CISA are desirable
• Strong knowledge of security and data privacy standards, regulations and guidelines such as ISO 27k, NIST, CIS, GDPR, CCPA/CPRA, PCI DSS
• Strong written and verbal communication and collaboration skills, with the ability to translate complex and technical issues to all levels of personnel
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity

Pay

$92,000.00 min. - $148,700.00 max annually. Bonus & RSU offered.

Benefits and Perks

• Healthcare (medical, dental, vision, prescription drugs)
• Health Savings Account with Employer Funding
• Flexible Spending Accounts (Healthcare and Dependent care)
• Company-Paid Basic Life/AD&D insurance
• Company-Paid Short-Term and Long-Term Disability
• Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)
• Employee Assistance Program
• Business Travel Accident Insurance
• 401(k) Savings Plan with discretionary company match and access to a financial advisor
• Vacation, paid holidays, floating holiday and sick days
• Employee discounts
• Free weekly catered lunch
• Dog-friendly office (available at select locations)
• Free gym access (available at select locations)
• Free swag giveaways
• Annual Holiday Party
• Invitations to pop-ups and other company events
• Complimentary daily office snacks and beverages

SHEIN Technology LLC is an equal opportunity employer committed to a diverse workplace environment.