Project Manager, Governance Risk Compliance

地点: China Mainland

州/省/市: Shanghai

城市: Shanghai

业务单元: Store Support Centre (SSC)

说明与要求


who we are
lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in. As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

Position
Project Manager, Governance Risk Compliance

Reports to
Technology Director, Cybersecurity

Location
Shanghai

About this team
Mission and value delivery focused cybersecurity team in China is to focus to enable business growth with lululemon security guardrails ensure and cyber protection in place with effectiveness and efficiency. Team is also responsible to ensure China specific cyber requirements fulfilled.  

Core responsibilities
The project manager of cybersecurity governance and compliance focus to enable business growth during rapid changing cybersecurity risk & data regulations in China. He / She leads cross board data transfer (CBDT) regulation compliant work from tech side to provide company-value-first compliant tactics and drives to delivery great result with respective teams. This role also works as interface during cybersecurity inspection from department of police in China. As GRC role, leading security awareness program in China provides her the great recognition from senior business leaders. All above has demonstrated her consistent strong performance and critical for business. This role takes extended to lead data protection in China. the role is to build the data flow map, plan for protection controls point in roadmap, and to be the security assessment point on data protection into each of fast pasting projects. His / her unique skillset is critical for data protection program from China market and connects cross the global. The new role also drives efficiency through automation for ‘Security-by-design’ program. The security checkpoints have been moved into design phase of the China projects, and 95% of the China projects have been tracked into unified security porta. This provides great value to business and tech team to ensure cyber risk transparency and being consistent into business objectives.

This role will work closely with the business/product partners, technology/business stakeholders, architecture, portfolio & core delivery teams, also including:
Build cybersecurity compliance roadmap and governance controls processes
Assess security control effectiveness to support business initiatives
Provide cross team cyber awareness and security simulation fulfillment
Provide security review and approval for new projects and initiatives
Unblocks the team and proactively problem solves as needed throughout the program lifecycle with guidance 
Effectively identifies and solves for potential risks, issues, and development strategies to prevent realization of risks while providing transparency to the applicable stakeholders 
Owns program related resource management and 3rd party vendor management. Point of Contact for Procurement, Security, Legal, Stakeholder Management (Sponsor, Leadership, Architects) 
Develops relationships and collaborates with internal and external stakeholders across regions (NA, EMEA, APAC, China) and cross functional teams to ensure solutions meet timeline and business objectives. 
Ensures all project/program tasks are clearly understood, assigned, and tracked.

Qualifications
5+ years of experience in information security or related technology experience required experience in the retail industry or professional consulting firm is a plus.
Proven track records to lead medium or large organization to continue compliant cybersecurity laws and regulations in China and for rest of the world
Good understand on enterprise risk management for Cybersecurity and have experience to lead program for cyber risk mitigation with cross function teams collaborations.
Thorough understanding of technology domain, stack, and skills. 
Proven experience in leading the strategic path and delivery of multiple portfolio management capabilities such as but not limited to, onboarding, recruiting, vendor management, capacity management, resource management, annual planning process, workforce management etc.  
Ability to operate with low degree of ambiguity, leveraging existing processes and tools with guidance
Passion for problem solving w/ an ability to excel in an ambiguous environment 
Demonstrated ability to function in a fast paced, multi-program environment with changing priorities 
Ability to anticipate potential problems and proactively troubleshoot to resolve issues 
Strong leadership skills, including the ability to influence and gain consensus in the absence of direct authority 
Proven results working with global and remote teams across different time zones 


Must haves
Acknowledge the presence of choice in every moment and take personal responsibility for your life.
Possess an entrepreneurial spirit and continuously innovate to achieve great results. 
Communicate with honesty and kindness and create the space for others to do the same. 
Lead with courage, knowing the possibility of greatness is bigger than the fear of failure. 
Foster connection by putting people first and building trusting relationships. 
Integrate fun and joy as a way of being and working, aka doesn’t take yourself too seriously. 

Additional notes
Authorization to work in China is required for this role.


Compensation and benefits package 
lululemon’s compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and team performance. As part of our total rewards offering, you will receive competitive base pay and permanent employees in this position may be eligible for our annual bonus program, subject to program eligibility requirements.   

At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well. Recognizing our teams for their performance and dedication, other components of our total rewards offerings include support of career development, wellbeing, and personal growth:
Supplement health and dental benefits, and mental health plans
Paid time off
Savings plan matching - Employee Stock Purchase Plan
Generous employee discount
Fitness & yoga classes
Parenthood top-up
Extensive catalog of development course offerings
People networks, mentorship programs, and leadership series (to name a few)

Note: The incentive programs, benefits, and perks have certain eligibility requirements. The Company reserves the right to alter these incentive programs, benefits, and perks in whole or in part at any time without advance notice.


Workplace arrangement

In Person
In-person collaboration and office-based work is necessary and important for this role. Work is performed onsite, 5 days a week, depending on role requirements.