Responsibilities:
- Oversee the Data Security Engineering team, consisting of direct and indirect reports (including full time employees, contractors, MSS staff and external service providers personnel). This includes hiring, training, career development, and performance management.
- Lead all aspects of data lifecycle disciplines, including but not limited to planning, design, implementation, and ongoing support of such technical solutions as data discovery, mapping, processing, recovery, de-identification, encryption, loss prevention, rights management, etc.
- Create and update new strategies, project plans and policy documents based on compliance and operational requests that map to SHEIN's business requirements
- Develop and manage security budget forecast, expense, and technology, service and vendor roadmaps.
- Liaise with external agencies, such as law enforcement, standards and technology organization, advisory bodies and industry
- Work directly with IT teams to facilitate risk analysis, solution requirements and technology roadmaps to ensure compliance with industry and regulatory standards.
- Establish credibility throughout the organization by earning the reputation for being a proactive senior leader and change agent.
- Sustain high-availability service levels and ensure fulfillment of business-wide service levels and operational support objectives.
Skills and Qualifications:
- 10 years of experience in security engineering, with a dedicated focus on data security field and at least 5 years of direct people management experience.
- Possess a Bachelor’s degree or higher in the field of Engineering, Computer Science, Business Analytics, or equivalent advance technology field of study
- Relevant cyber security certifications, such as CISSP, CISM, CISA and/or PMP are highly desired
- Must be skilled at mentoring and motivating staff, communicating goals and other corporate initiatives and driving to results
- Strong knowledge of data privacy regulations and guidelines such as GDPR, CCPA, PCI, etc.
- Extensive experience building data protection programs in e-commerce or related industries, with strong working and practical knowledge of cloud, network, endpoint, application, and IDM.
- Experience building data driven security metrics to support security operations.
- Experience with change management and development lifecycles, and regular preparation of management status and executive reports
- Strongly process and procedure oriented in managing projects
Ability to translate complex data security threats and risks from a technical perspective to business-line understanding and execution