Vice President, Information Security and Tech Operations - USA

The RealReal is the world’s largest online marketplace for authenticated, resale luxury goods. Through our work, we are committed to contributing to a sustainable future, both for fashion and for our employees. Authenticity is a core component of our business; we value it in our products and we celebrate it across our teams by encouraging every TRR employee to bring their REAL authentic selves to work each day. We’re hiring, and we’d love for you to join our dynamic team! At The RealReal we emphasize customer data security in every aspect of our products and services. You will lead security from all angles, taking a 360-degree view of our security practices and product roadmap to ensure that we are in compliance with all applicable laws, directives, policies and client requirements regarding the safety of data and of our platform. You will ensure the implementation of the information security plans and manage the operational processes for monitoring and maintaining information security and compliance. As the security leader in our fast-growing business, you will have to wear many hats. In addition to leading security & compliance, you will also be responsible for our IT/Technical Operations practice.  This scope includes device management, corporate applications & services, networking and technical helpdesk. What You Get To Do Every Day Information Security: Establish and maintain the vision, strategy, and program to ensure information assets within The RealReal are adequately protected Identify, develop, implement, and maintain processes across the enterprise to proactively reduce and mitigate risks and bad actors Develop an incident response plan to drive cross-functional resolution Meet with prospects and customers to articulate how The RealReal secures their data Engage in and close deals and guide security issues in our product from being a deal blocker to a strength for The RealReal Triage and respond to incidents, establish and keep up-to-date appropriate standards and controls, and manage security technologies and tools therein Drive regular internal and external audits and compliance standards for PCI, SOX, ISO, SOC and others as necessary From a security standpoint drive the product roadmap and new feature development, working closely with the Product Management & Engineering team to assure hardening before release into the market Publish articles and as evangelist speak at conferences about The RealReal security and compliance Be up to date on global security trends and represent The RealReal as an authority on enterprise InfoSec, presenting to customer groups and industry forums in some instances Leverage best practices from the security industry to help secure customer data Some occasional need for hands-on technical implementation work to help customers deploy our technology Assist with internal and external audits; interface with auditors and external parties to satisfy company assessments  Identify, analyze and evaluate technology risk and measure the risk quantitatively and qualitatively Price out cost of remediation solutions in order to advise the business on the best risk solution portfolio Tech Operations: Lead the Help Desk team to maintain the highest level of performance and instill a customer service culture Management of 1500+ Mac PC and mobile devices Process development for standardizing Onboarding and ITSM support Deploy and support video conferencing across our global offices Balance daily operational requirements with long-term strategic planning and communication What You Bring To The Role BSCS or BSEE or another quantitative field MS preferred and a MINIMUM of 10+ years as an information security professional preferably in a VP of Security or CISO role Demonstrated experience in designing and implementing programs to secure and maintain systems consistent with principles embodied in ISO, NIST, SSAE, FIPS, and the comparable US and international standards and frameworks Experience building programs to support SAST, DAST, & IAST while moving left in the SDLC Experience building and enhancing SIEM solutions to identify areas of opportunity sooner. Experience ensuring endpoint lifecycle Proven experience delivering security training programs to encompass best security practices to include phishing, endpoint practices, multi-factor, etc. Knowledge of email delivery systems and associated security practices Understanding of Sender Policy Framework - SPF, DomainKeys Identified Mail - DKIM, DMARC, Reporting, and Conformance Knowledge of user authentication frameworks - OAuth, SSO, Okta, Sailpoint    Extremely articulate with exceptional verbal, written and visual communication skills Highly analytical, you quickly distill and organize ambiguous situations to find clarity and solutions Self-starter, you have a bias towards action and rolling up your sleeves An entrepreneur at heart, you can’t help noticing things that can be improved and thinking of ways to improve them Track record of continuing professional development to keep abreast of latest developments relevant to discipline and industry Passion, drive, commitment and tenacity in leading via influencing Have a great, energetic & empathetic personality and remain diplomatic in all interactions   The expected salary range for this role is $250,000 - $295,000. To determine starting pay we carefully consider a variety of factors, including primary work location and an evaluation of a candidate’s skills, experience, market demands, and internal parity. Additionally, salary is just one component of TRR’s total rewards package. Depending on role, employees may also be eligible for a bonus program, incentive pay and benefits. GHR8094 #LI-ES30 #LI-Remote   The RealReal is the world’s largest online marketplace for authenticated, resale luxury goods, with more than 30 million members. With a rigorous authentication process overseen by experts, The RealReal provides a safe and reliable platform for consumers to buy and sell their luxury items. We have hundreds of in-house gemologists, horologists and brand authenticators who inspect thousands of items each day. As a sustainable company, we give new life to pieces by thousands of brands across numerous categories—including women's and men's fashion, fine jewelry and watches, art and home—in support of the circular economy. We make selling effortless with free virtual appointments, in-home pickup, drop-off and direct shipping. We do all of the work for consignors, including authenticating, using AI and machine learning to determine optimal pricing, photographing and listing their items, as well as handling shipping and customer service. At our 13 retail locations, including our twelve shoppable stores, customers can sell, meet with our experts and receive free valuations. The RealReal is committed to providing an equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or Veteran status. We will consider qualified applicants for a position regardless of arrest or conviction records.  At TRR, People Come First. That’s why diversity and inclusion are vital to our priorities as an equal opportunity employer. You can read about our Diversity Equity and Inclusion program here . Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The employee is regularly required to sit; use hands to finger, handle, or feel and talk or hear. The employee is occasionally required to stand; walk; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl; and taste or smell. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.