Security Analyst

Cybersecurity GRC Security Analyst Risk and Issue Management

Who we are

We are a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai, and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.

About this team

The Cybersecurity team enables us to conduct its global operations in a secure manner and to safeguard the trusted information of its guests and users. This is accomplished by understanding business risk as manifested through security and compliance risk, and through fostering a high degree of employee awareness of all security and compliance topics. To further enhance our team, we are looking for an experienced specialist to serve as Security Analyst Risk and Issue Management. This role will work collaboratively with cross-functional teams within Cybersecurity and across Technology to identify, analyze, document, and drive clear risk remediation activities to reduce systemic security risks. The ideal candidate will bring a blend of technical security and risk management expertise, along with strategic thinking to drive measurable improvements in our security posture.

A day in the life :

As the Security Analyst Risk and Issue Management for us, you will define, facilitate, coordinate, and track remediation action plans for security risks and issues. The effectiveness of this role will be measured through verified closure of open risks and issues, and demonstrated reduction in the organization's security risk posture. Core responsibilities of this role are as follows :

• Lead and participate in targeted risk reduction initiatives across business units and technology domains
• Analyze complex systems, architectures, and processes to identify security vulnerabilities and systemic risks
• Collaborate with cross-functional teams to design and implement risk mitigation strategies
• Conduct root cause analysis of recurring security issues and propose remediation plans for sustainable solutions
• Support the development and refinement of GRC metrics and dashboards to track risk reduction progress
• Serve as a liaison between Cybersecurity and technology teams to ensure appropriate prioritization and alignment on risk remediation tasks
• Contribute to incident response post mortem activities to identify residual risk and develop risk mitigation strategies. This includes supporting root cause analysis (RCA) discussions to understand and document underlying issues, facilitating effective issue remediation.
• Remain current with emerging threats, vulnerabilities, and regulatory requirements
• Be an ambassador for the governance, risk and compliance security practice throughout the organization

Qualifications :

Must haves :

Required Skills :

Basic Qualification :

Additional Skills :

Background Check : No

Drug Screen : No