zulily is a retailer obsessed with bringing our customers something special every day. Unique products from up-and-coming brands are featured alongside favorites from top brands, including clothing, home decor, accessories, toys and gifts, giving customers something new to discover each morning at an incredible price. We are fast-paced, innovative and metric-driven, with a team passionate for delighting our customers. Whether you want to work with incredible product selection, develop smart marketing plans, help us in our pursuit of faster fulfillment, or do something else awesome in between, we have a place for you. With locations in Seattle, Reno, Columbus and Bethlehem, our team is excited to be changing the way people shop every day - and we are just getting started.

This position is responsible for all aspects of Technology security, compliance and risk management ensuring the integrity, confidentiality and availability of information, networks and systems. Direct responsibilities include establishing and leading a Global Center of Excellence to develop, maintain, and execute a strategic roadmap for information security, compliance and risk management that includes oversight of the security architecture, controls, processes, standards, policies and procedures. Responsibilities also include coordination of Technology security personnel, projects, risk assessments, compliance audits, investigating and resolving IT security incidents, providing Technology security support and supervising project teams in the design, configuration, testing and deployment of Technology security solutions.

QUALIFICATIONS

 
  • 10+ years’ experience in a combination of security, risk management and technology jobs.
  • 5+ years’ experience as a manager of technology security with job history demonstrating increasing levels of responsibility
  • 5+ years’ experience managing and leading high performing technology teams
  • Achievement of an advanced security related certification such as CISSP.
  • Proven track record and experience in developing security policies, procedures and standards while successfully executing security projects.
  • Knowledge and understanding of relevant legal and regulatory requirements, such as SOX, PCI, HIPAA, Data Protection, etc.
  • Experience with information security frameworks such as COBIT, ITIL, etc.
  • Strong conceptual understanding of information security theory.
  • Strong project management skills and experience in creating and managing projects.
  • Proficiency in performing risk, business impact and vulnerability assessments and defining risk mitigation strategies.
  • Knowledge of security issues, techniques and implications across UNIX, LAMP stack, LINUX and Windows environments; experience with Active Directory, SAP and RSA. Knowledge of User Identity and Access Management (IAM) tools.
  • Strong understanding of the business impact of security tools, technologies and policies. Ability to develop and articulate a compelling business case for recommended actions.
  • Knowledge of the SAP security architecture a plus.
  • At least a 4 year undergraduate degree is required, with a strong preference for a technical discipline such as Computer Science or Information Security. Advanced degree preferred.