地点: China Mainland
州/省/市: Shanghai
城市: Shanghai
业务单元: Store Support Centre (SSC)
Project Manager, Incident Response
说明与要求
who we are
lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in. As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.
Position
Project Manager, Incident Response
Reports to
Program Manager, Cybersecurity, China
Location
Shanghai
About this team
Mission and value delivery focused cybersecurity team in China is to focus to enable business growth with lululemon security guardrails ensure and cyber protection in place with effectiveness and efficiency. Team is also responsible to ensure China specific cyber requirements fulfilled.
Core responsibilities
Incident response project manager leads to manage all aspects of cybersecurity incident response from initiation to conclusion. Assess the nature of the incident and determines what resources are needed to resolve the situation and restore service. Being an incident response program manager also coordinates all efforts to contain and resolve the incident, leads communications and conference calls with teams, stakeholders, vendors and others to provide incident resolutions. The role also coordinate and direct response status and result. Also the role should inform, assign, escalate and demand external support during incident cycle to ensure effective containment and root analysis.
• Managing a team of Incident responders and Threat Hunters
• Defining and maintaining Information Security Incident Management Process and build procedure documents for incidents handling
• Performing forensics investigation based on logs and other data. Validate containment and remediation measures, Perform Root Cause Analysis (RCA) as vital efficiently.
• Managing, maintaining and improving Incident Response capabilities to detect, proactively hunt for and respond to sophisticated cyberattacks
• Coordinating, monitoring, and supporting general activities related to cases, investigations and risk mitigation and analysis
• Coordinating, communicating, sharing information, and working closely with various business units and teams within the company
• Periodically conducting tabletop exercises to test the readiness of IR function
• Working closely with Cybersecurity Engineering team on new monitoring rules implementation, playbooks, and other manual tasks' automation proficiently.
• Researching emerging threats to gain insight and understanding of the evolving threat landscape and its to the company.
• Ensuring continuous improvement of the Cybersecurity posture
• Owns program related resource management and 3rd party vendor management. Point of Contact for Procurement, Security, Legal, Stakeholder Management (Sponsor, Leadership, Architects)
• Develops relationships and collaborates with internal and external stakeholders across regions (NA, EMEA, APAC, China) and cross functional teams to ensure solutions meet timeline and business objectives.
• Ensures all project/program tasks are clearly understood, assigned, and tracked.
Qualifications
• 5+ years of experience in information security or related technology experience required, experience in the retail industry or professional consulting firm is a plus.
• Strong experience on leading cybersecurity incident in communication, root cause analysis, containments, and improvements across functional teams in medium or large organization
• Strong experience on building incident communication SOP and able to run table top exercise.
• Strong in English / Chinese verbal and written skill with clear cybersecurity indicators to reflect the status of incident.
• Able to lead and operation in stress situation during incident and able to respect the fact.
• Understanding of public cloud technologies, shared responsibility model for cloud, and experience implementing or assessing cloud security controls is required.
• Ability to operate with low degree of ambiguity, leveraging existing processes and tools with guidance
• Proven experience managing budget of >=$1M capex annually or size of initiative along with experience in forecasting.
• Demonstrated ability to function in a fast paced, multi-program environment with changing priorities
• Ability to anticipate potential problems and proactively troubleshoot to resolve issues
• Strong leadership skills, including the ability to influence and gain consensus in the absence of direct authority
• Proven results working with global and remote teams across different time zones
Must haves
• Acknowledge the presence of choice in every moment and take personal responsibility for your life.
• Possess an entrepreneurial spirit and continuously innovate to achieve great results.
• Communicate with honesty and kindness and create the space for others to do the same.
• Lead with courage, knowing the possibility of greatness is bigger than the fear of failure.
• Foster connection by putting people first and building trusting relationships.
• Integrate fun and joy as a way of being and working, aka doesn’t take yourself too seriously.
Additional notes
Authorization to work in China is required for this role.
Compensation and benefits package
lululemon’s compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and team performance. As part of our total rewards offering, you will receive competitive base pay and permanent employees in this position may be eligible for our annual bonus program, subject to program eligibility requirements.
At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well. Recognizing our teams for their performance and dedication, other components of our total rewards offerings include support of career development, wellbeing, and personal growth:
• Supplement health and dental benefits, and mental health plans
• Paid time off
• Savings plan matching - Employee Stock Purchase Plan
• Generous employee discount
• Fitness & yoga classes
• Parenthood top-up
• Extensive catalog of development course offerings
• People networks, mentorship programs, and leadership series (to name a few)
Note: The incentive programs, benefits, and perks have certain eligibility requirements. The Company reserves the right to alter these incentive programs, benefits, and perks in whole or in part at any time without advance notice.
workplace arrangement
In Person
In-person collaboration and office-based work is necessary and important for this role. Work is performed onsite, 5 days a week, depending on role requirements.
只有被纳入考量范围的申请人才会收到我们的联络。非常感谢您有意申请我们的职位。lululemon 是支持公平就业机会的雇主。雇佣决策基于价值和商业需求,与种族、肤色、信仰、年龄、生理性别、社会性别、性取向、国籍、宗教、婚姻状况、健康状况、身体或精神残疾、兵役、怀孕、分娩和相关医疗情况,或受联邦、州或省及地方法律和法令保护的任何其他因素无关。符合资格的残障人士可根据要求获得合理便利。“公平就业机会”政策适用于与招募、雇佣、报酬、福利、惩戒、转岗、终止雇佣相关的所有操作以及其他所有雇佣条款与条件。虽然管理层主要负责“公平就业机会”政策的实施,但员工也应通过个人行动负责确保政策的有效性。
lululemon is committed to providing reasonable accommodation to applicants with disabilities. If you would like someone from our team to contact you for individualized support, email us ataccommodations@lululemon.com. In your email, please include the position title, the location of the position and the nature of your request.