GRC Analyst, WARSAW


  • A minimum of 5 years of experience in information security risk management, including business impact analysis, risk assessment and treatment, risk metrics and trend analysis

  • Possess a bachelor’s degree or higher in the field of information security, engineering, computer science or equivalent advance technology field of study

  • Relevant security certifications, such as CISSP, CISM, CISA, ISO 27001 Lead Auditor are highly desired

  • Strong knowledge of security and data privacy standards, regulations and guidelines such as ISO 27k, NIST, CIS, LGPD, GDPR, CCPA, PCI DSS

  • Practical knowledge and experience working with threat modeling frameworks such as STRIDE, MITRE ATT&CK, OCTAVE

  • Experience developing and deploying risk management frameworks and programs, preferably with international experience in an e-commerce or technology related industry

  • Experience with deploying GRC tools is desirable

  • Strong analytical and problem-solving skills

  • Strong written and verbal communication skills, with the ability to translate complex and technical issues to all levels of personnel

  • Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly

  • High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity


    • There are 4 steps in the interview process. Your recruiter will confirm each step and names of interviewers during your 1st phone interview. 


    About SHEIN:


    SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturing technology to connect suppliers to our agile supply chain, reducing inventory waste and enabling us to deliver a variety of affordable products to customers around the world. From our global offices, we reach customers in more than 150 countries.


    The Team


    SHEIN EU Technology Center is an EU technology company. Founded in 2012, SHEIN is a leading global online retailer with operations in Dublin, Guangzhou, Los Angeles and Singapore, along with other key markets. SHEIN reaches consumers across more than 150 countries and regions around the world. We place a premium on choice, delivering more than 6,000 new fashion, beauty and lifestyle products daily with more than 600,000 items available. Our mission is to help people express their individuality through the latest trends that are accessible and affordable. To learn more about SHEIN, follow us at shein.com, instagram.com/sheinofficial and youtube.com/shein.


    SHEIN Global Security & Risk Management is a global security organization that oversees security infrastructure, risk management, data privacy, governance and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.


    Here, innovation isn’t simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.



    ,[Interface with business stakeholders to understand business needs and promote and deliver services in the security services catalog., Conduct security risk assessments of business processes, projects, business units, systems, and data., Conduct third-party risk assessments and security reviews of third-party agreements., Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements., Prepare risk assessment reports to inform risk treatment decisions., Track and monitor remediation and risk management activities., Support security and privacy awareness & training initiatives in Poland and the EU region, Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently., Develop, implement, mature, and champion risk management processes and concepts., Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program., Support integration and maturation of policy, compliance, and risk frameworks.] Requirements: information security risk management, Degree, Communication skills, CISSP, NIST, CIS, GDPR, STRIDE, MITRE ATT&CK, OCTAVE, ISO27000, LGPD, CCPA, PCI DSS, E-commerce, CISM, CISA, ISO 27001 Lead Auditor Additionally: Opportunities for development in the organization, Annual bonus, Private medical care, Life and health insurance, Multisport card, Lunch for 1 PLN, 30% discount for SHEIN products.
Data publikacji: 2024-04-21
APLIKUJ

Podobne oferty

Analityk w dziale Księgowości, WARSZAWA, LeasingTeam Group Freight Billing Analyst, KATOWICE, Klient TeamQuest Analityk Danych w dziale Księgowości i Rachunkowości, WARSZAWA, LeasingTeam Group Technik analityk, PABIANICE, Aflofarm Farmacja Polska Sp. z o. o. Performance Analyst, KATOWICE, Klient TeamQuest System Analyst, KATOWICE, SCALO Sp. z o.o. System Analyst, WARSZAWA, SCALO Sp. z o.o. System Analyst, SZCZECIN, SCALO Sp. z o.o. System Analyst, KIELCE, SCALO Sp. z o.o. System Analyst, KRAKÓW, SCALO Sp. z o.o.