Description & Requirements
Who we are
lululemon is a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai, and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.
About this team
Mission and value delivery focused cybersecurity team in China is to focus to enable business growth with lululemon security guardrails ensure and cyber protection in place with effectiveness and efficiency. Team is also responsible to ensure China specific cyber requirements fulfilled.
A day in the life:
As an IAM program manager, you will lead the design, implementation, and maintenance of Identity and Access Management (IAM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) systems. Your work will directly contribute to enhancing our organization's security posture while ensuring seamless user experiences. The Program Manager oversees the Project Managers, Business Analysts, and Engineers responsible for tactical delivery of key projects within the program that could be agile OR waterfall. They will work closely with the business/product partners, technology/business stakeholders, architecture, portfolio & core delivery teams.
- Lead & Design: Lead and design and implementation of IAM, IGA, and PAM solutions to meet business and security needs.
- System Integration: Integrate diverse applications with IAM, IGA, and PAM systems, ensuring a seamless and secure login experience for users.
- Operational Excellence: Develop, maintain, and ensure the smooth operation of SOPs for IAM, IGA, and PAM systems.
- Security Enhancement: Conduct security architecture benchmarking and gap analysis to improve overall security maturity.
- Business Continuity: Balance security improvements with business continuity, ensuring minimal disruption to operations.
- Process Design: Design processes or provide technical solutions to enhance the organization's security posture.
- Cross-Team Communication: Work closely with cross-functional teams to ensure successful implementation and adoption of IAM solutions.
- Effectively identifies and solves for potential risks, issues, and development strategies to prevent realization of risks while providing transparency to the applicable stakeholders
- Owns program related resource management and 3rd party vendor management. Point of Contact for Procurement, Security, Legal, Stakeholder Management (Sponsor, Leadership, Architects)
- Develops relationships and collaborates with internal and external stakeholders across regions (NA, EMEA, APAC, China) and cross functional teams to ensure solutions meet timeline and business objectives.
- Ensures all project/program tasks are clearly understood, assigned, and tracked.
Qualifications:
- 5 ~ 10 years of experience in information security or related technology experience required experience in the retail industry or professional consulting firm is a plus.
- Proven track records to build identity access management program, including but not limit to user auth, MSA, SSO, Identity governance, covering different user group and internal & external use cases
- Strong experience on one or more privilege access management tool and RBAC design for enterprise level organization
- Strong knowledge on Microsoft identity capabilities and ecosystem is must.
- Understanding of public cloud technologies, shared responsibility model for cloud, and experience implementing or assessing cloud security controls is required.
- Ability to operate with low degree of ambiguity, leveraging existing processes and tools with guidance
- Passion for problem solving w/ an ability to excel in an ambiguous environment
- Demonstrated ability to function in a fast paced, multi-program environment with changing priorities
- Ability to anticipate potential problems and proactively troubleshoot to resolve issues
- Strong leadership skills, including the ability to influence and gain consensus in the absence of direct authority
- Proven results working with global and remote teams across different time zones
Must haves:
- Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred.
- Certification in one or more of the following is a plus: CISSP, CISA, CISM, CCSK, CCSP, GCP Security Engineer, Azure Security Engineer, or similar.
- Possesses an entrepreneurial spirit and continuously innovates to achieve great results.
- Communicates with honesty and kindness and creates the space for others to do the same.
- Leads with courage, knowing the possibility of greatness is bigger than the fear of failure.
- Fosters connection by putting people first and building trusting relationships.
- Integrates fun and joy as a way of being and working, aka doesn’t take themselves too seriously.