What are the responsibilities and job description for the Sr Manager, Information Security, Governance, Risk & Compliance position at Tailored Brands?
At Tailored Brands, we help people love the way they look and feel for their most important moments. Our Technology team loves the way they feel and thrive at work, with:
- Flexible work opportunities, including remote and hybrid options
- Small, empowered teams that have fun delivering real value for our customers
- A culture that values a 50-year legacy while eagerly embracing the future
Want to be part of this?
We currently have an exciting opportunity for a Sr Manager, Information Security (IS), Governance, Risk & Compliance (GRC) to join our Tailored Technology team. This individual will play a crucial part in our organization, contributing to the assurance and ongoing operational excellence of the company’s Information Security Internal Controls and GRC programs, supporting the company’s Data Privacy program across the organization, and creating a legendary customer experience.
This position will provide leadership and direction for major programs such as IT Security Policy and Compliance, GRC, and Privacy, and for establishing Internal Controls across the entire IT organization. This position is also responsible for establishing and maintaining the company’s overall IT GRC and Internal Controls programs. This person will also lead company efforts to continue to increase the maturity of our Data Loss Prevention (DLP) program, including establishing controls and guidance for supporting processes such as data classification and digital rights management. The right candidate has strong domain knowledge of compliance and controls, curiosity, a growth mindset and a proven track record of GRC and Internal Controls programs, best practices and processes with hands-on experience. This role reports to the Director of Information Security.
Tailored Brands is a high-growth, collaborative environment where people who are comfortable with ambiguity and have an investigative mindset will thrive. If you love technology, can balance being detail-oriented with the big picture, and communicate equally well with IT team partners and business stakeholders, we are looking for you!
What You’ll Do | Key Responsibilities
- Direct the IS, GRC team to document, communicate and enforce areas of security improvement that balance risk with business operations, as well as ensure controls are not weakening efficiencies or business innovation.
- Liaise with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws.
- Oversee and ensure adequate protection of key information is maintained through data classification, data loss prevention (DLP) and enforcement of records retention requirements.
- Establish and maintain a strategy for managing security-related audits, compliance checks and external assessment processes for auditors, including but not limited to, Sarbanes-Oxley (SOX), Payment Card Industry (PCI) Standards, Service Organization Controls (SOC) 2, California Consumer Privacy Act (CCPA) and other applicable industry standards.
- Provide GRC team leadership to create strong oversight with third parties, vendors and business partners.
- Guide team members to align with security, audit and risk management leadership for ongoing security program assessments, as well as annual strategic technology and budgetary directives.
- Facilitate IT compliance of identified controls – for example, IT general controls (ITGCs), application, cloud and cybersecurity.
- Act as a key point of contact when GRC team members identify risk to raise awareness with security management and business unit leads on a risk reduction plan.
- Play a key role in the vendor risk assessment process and ensure all business units follow and uphold process rigor.
- Partner with business units, procurement, the enterprise project management office and legal when onboarding solutions to ensure adequate controls are available and enabled in production.
- Oversee findings brought forward through team analysis, requiring thorough documentation and recommendations to report to security leadership where gaps exist.
- Maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy and security industry best practice guidance.
- Influence and validate metrics used in assessment of security program success and report them regularly to security and business leadership.
What You’ll Bring | Skills & Experience
- 10 years of experience and proficiency in IT, IS, GRC and/or IT Internal Controls Programs
- CISA or equivalent certification is mandatory
- Excellent understanding of corporate policies, practices, and organizations
- Ability to frame strategies, messages, and communications in a clear and consumable manner, tailored to the audience
- Proven experience with data privacy, security, legal and compliance obligations
- Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment
- Leadership and mentoring capabilities.
- Excellent problem-solving and analytical skills.
- Self-motivated, energetic team player with strategies to navigate roadblocks and drive results
- Excellent verbal and written communication skills
Benefits
This role is eligible for healthcare including medical, dental and vision, retirement savings (401k with a company match), income protection programs such as life, accident and disability insurance, paid time off for sick leave, vacation, bereavement, jury duty, and holidays, wellbeing program, commuter, adoption assistance, education assistance, legal services, and employee merchandise discounts. For more detailed information go to mytbtotalrewards.com.
Work-Life Balance
We understand the demands of work, school, family, and personal responsibilities. Through our work-life resources and programs we offer services for every stage of life to help you manage the day-to-day needs. We offer programs such as:
- Meeting-Free Fridays (encouraged) | so you can catch up on work and self-development
- Summer Fridays | from Memorial Day to Labor Day so you can enjoy a head-start to the weekend
- Holiday Early Departure | close out early the business day before a company observed holiday
The starting salary for this position is $141,100 and may increase to $170,000 depending on merit, length of service with the Company, and other factors. We take into consideration an individual’s skills, background, and experience in determining final salary. Other compensation may include a 10% Annual Incentive Plan (AIP) bonus paid out according to policy. Base pay information is based on market location and may be subject to prevailing wage laws, if applicable.
Work Environment, Physical & Mental Demands
- Ability to sit and work at a computer keyboard for extended periods of time
- Ability to stoop, kneel, bend at the waist, and reach daily
- Able to lift and move up to 25 pounds occasionally
- Must utilize visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment
- Hours regularly 40 hours per week, as work dictates, from a hybrid office location near our Houston Corporate Office or from a remote location
Note: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required and are not intended to be an exhaustive list of all duties, responsibilities or qualifications associated with this job.
Work Locations: 01099I IT Dept. 6380 Rogerdale Rd Houston 77072
Job: Information Technology (IT)
Organization: Tailored Shared Services
Shift: Day Job
Salary: $141,100 - $170,000