Manager, Information Security

Remote, US

Applications have closed
We are looking for an experienced leader to manage the portfolio of Information Security and Compliance initiatives. You will play a key role in spearheading various cross-functional programs and supporting other teams with their growing sets of needs.

In this role you will:

  • Establish baseline reporting metrics to effectively measure the health of the Information Security and Compliance domain and provide leadership-level reporting of events, incidents, and trends
  • Develop systems and processes for monitoring, detecting, and alerting on anomalous behavior within GOAT Group environments
  • Analyze known and emerging threats to determine risks against GOAT Group assets and employees
  • Create, communicate and maintain security policies and standards across GOAT Group
  • Collaborate with key stakeholders and partners (Legal, IT, People, Product, Engineering, Operations) to assess and audit compliance with those security policies and standards
  • Develop and drive various Information Security and Compliance programs (e.g., incident response protocols and procedures, security awareness training for employees, etc…)
  • Perform vendor risk assessments in partnership with Legal and Procurement
  • Lead the design and development of tools to automate security controls and security workflows
  • Ensure business and technology operations align with industry and regulatory compliance controls (e.g., PCI, GDPR, CCPA, IT SOX, SOC 2, etc…)

We are looking for:

  • BS degree preferred
  • 5+ years of hands-on management experience
  • Ability to effectively drive, track and report on adoption of key information security and compliance initiatives internally within an organization
  • Experience with various security and compliance technologies and services (e.g., SIEM, IDS, Vulnerability Management, DLP, Network Security, EDR, Pen Testing, Bounty Programs, Security Training Programs, etc…)
  • Preferred certifications: CISSP, CISM, CISA, GIAC
  • Strong knowledge of industry and regulatory compliance requirements and frameworks (e.g., PCI, GDPR, CCPA, IT SOX, SOC 2, NIST CSF, ISO27001, HITRUST, etc…)
  • Experience/skills in documenting risk and compliance policies, standards and activities
  • Proven track record of bridging technical and non-technical partners across all levels of the organization in order to drive alignment
  • Experience collaborating with engineering teams to develop internal tools and solutions
  • Strong communication and stakeholder management skills
  • A quick learner and self-starter who is able to work autonomously and is willing (and able) to handle the pressures of increasing levels of responsibility

GOAT is the global platform for the greatest products from the past, present and future. Since its founding in 2015, GOAT has become the leading and most trusted sneaker marketplace in the world. Through its unique positioning between the primary and resale markets, the company offers styles across various time periods on its digital platforms and in its retail locations, while delivering products to over 30 million members across 170 countries.

The company is backed by strategic investor Foot Locker, Inc. as well as some of the leading names in venture capital including D1 Capital Partners, Accel, Andreessen Horowitz, Index Ventures, Matrix Partners, Upfront Ventures, Webb Investment Network and Y Combinator.

We encourage you to apply even if you feel unsure about whether you meet every single requirement. We look for people who are passionate about what we do, not just those who check off all the boxes.

GOAT Group will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, if applicable. If you are a California resident, please review our California Privacy Rights Notice for Job Applicants.

Tags: CCPA CISA CISM CISSP Compliance EDR GDPR HITRUST IDS Incident response ISO 27001 Monitoring Network security NIST Pentesting Privacy SIEM SOC 2 Vulnerability management

Perks/benefits: Team events

Regions: Remote/Anywhere North America
Country: United States
Category: Leadership Jobs
