lululemon

The project manager of cybersecurity governance and compliance focus to enable business growth during rapid changing cybersecurity risk & data regulations in China. He / She leads cross board data transfer (CBDT) regulation compliant work from tech side to provide company-value-first compliant tactics and drives to delivery great result with respective teams. This role also works as interface during cybersecurity inspection from department of police in China. As GRC role, leading security awareness program in China provides her the great recognition from senior business leaders. All above has demonstrated her consistent strong performance and critical for business. This role takes extended to lead data protection in China. the role is to build the data flow map, plan for protection controls point in roadmap, and to be the security assessment point on data protection into each of fast pasting projects. His / her unique skillset is critical for data protection program from China market and connects cross the global. The new role also drives efficiency through automation for ‘Security-by-design’ program. The security checkpoints have been moved into design phase of the China projects, and 95% of the China projects have been tracked into unified security porta. This provides great value to business and tech team to ensure cyber risk transparency and being consistent into business objectives.

This role will work closely with the business/product partners, technology/business stakeholders, architecture, portfolio & core delivery teams, also including:

• Build cybersecurity compliance roadmap and governance controls processes

• Assess security control effectiveness to support business initiatives

• Provide cross team cyber awareness and security simulation fulfillment

• Provide security review and approval for new projects and initiatives

• Unblocks the team and proactively problem solves as needed throughout the program lifecycle with guidance 

• Effectively identifies and solves for potential risks, issues, and development strategies to prevent realization of risks while providing transparency to the applicable stakeholders 

• Owns program related resource management and 3rd party vendor management. Point of Contact for Procurement, Security, Legal, Stakeholder Management (Sponsor, Leadership, Architects) 

• Develops relationships and collaborates with internal and external stakeholders across regions (NA, EMEA, APAC, China) and cross functional teams to ensure solutions meet timeline and business objectives. 

• Ensures all project/program tasks are clearly understood, assigned, and tracked.

• 5+ years of experience in information security or related technology experience required experience in the retail industry or professional consulting firm is a plus.

• Proven track records to lead medium or large organization to continue compliant cybersecurity laws and regulations in China and for rest of the world

• Good understand on enterprise risk management for Cybersecurity and have experience to lead program for cyber risk mitigation with cross function teams collaborations.

• Thorough understanding of technology domain, stack, and skills. 

• Proven experience in leading the strategic path and delivery of multiple portfolio management capabilities such as but not limited to, onboarding, recruiting, vendor management, capacity management, resource management, annual planning process, workforce management etc.  

• Ability to operate with low degree of ambiguity, leveraging existing processes and tools with guidance

• Passion for problem solving w/ an ability to excel in an ambiguous environment 

• Demonstrated ability to function in a fast paced, multi-program environment with changing priorities 

• Ability to anticipate potential problems and proactively troubleshoot to resolve issues 

• Strong leadership skills, including the ability to influence and gain consensus in the absence of direct authority 

• Proven results working with global and remote teams across different time zones