Principal / Staff InfoSec. Program Manager

RealReal

San Francisco, CA

Industry: Retail & Consumer Goods


11 - 15 years

Posted 69 days ago

This job is no longer available.

The RealReal is leading the way in authenticated luxury consignment, online and in real life at our brick and mortar locations. Founded in 2011, we’re growing fast and fundamentally changing the way people buy and sell luxury — a multi-billion dollar industry. With a team of in-house experts who inspect every item we sell, our commitment to authenticity sets us apart and creates a foundation of trust with shoppers and consignors. Our mission to extend the lifecycle of luxury items is leading innovation in sustainable fashion. We’re proud to promote the circular economy and to be the first luxury member of the Ellen MacArthur Foundation’s prestigious CE100 USA.

Employees at The RealReal are dedicated, collaborative and innovative, and we’re looking for exceptional talent to join our team. Build your career with us and enjoy 401K matching, health, dental and vision insurance, commuter flex spending, healthcare flex spending, generous PTO, a mother’s room, flexible work hours and Friday bagels!

Security’s mission is to build and protect stakeholder trust - customers, employees, investors - in our business, especially where technology is involved. Security @TRR has a unique value in reinforcing trust in the stewardship that is core to the business. We do this by guiding the right org security risk decisions and partnering with technology and business teams. We bring integrity, knowledge, and a passion for the technology. Come join us in building better security for a company that lives its values of ecology, economy, and quality.


  • Security- & Privacy-by-design. Drive the Security mindset across all product releases according to established practices using influence & communities. Assist with program management, scoping, and education for security- and privacy-by-design in our tech stack and processes.
  • Drive the delivery of key security and compliance milestones on time, such as PCI, ITGC audits or SOX, GDPR and CA Privacy Bill AB-375
  • Develop sustainable embedded processes and alignment for Security across the org’s delivery teams, building into core product spec requirements.
  • Assist with management of Security and Compliance budget and vendor management.
  • Provide fully auditable visibility of changes and issues using tools such as Pivotal Tracker
  • Develop lightweight agile practices that empower the visibility of security practices and deliveries across the organization
  • Work with customers and partners to understand and resolve product security concerns


  • Proven ability to work collaboratively across departments and gain the respect of experts in different domains, like Engineering and Legal and Finance
  • Excellent influence and communication skills towards relationship-building
  • Excellent delivery capabilities
  • Ten years or more experience in relevant areas
  • Bachelor’s degree or work equivalent


  • Certifications
  • Develop Security & Tech culture: Program steer and energize internal and external tech talks, Meetup-type events, potential IP in OSS, patents, books/whitepapers