ABOUT THE ROLE
Peloton inspires & motivates millions of people every day. A key part of delivering on that mission is not only an amazing experience that our instructors & platforms provide, but also the data, telemetry, & insights that empower our members to be the best version of themselves anywhere, anytime. Earning & maintaining our members' trust & safeguarding their data is key to everything we do.
The Sr. Manager Security & Privacy GRC oversees the Governance, Risk, Compliance (GRC), & Privacy functions reporting directly to the CISO. The main objective of the team is to deliver best-in-class Security Governance, Risk, Compliance, & Privacy services to ensure that Peloton operates in a risk-mitigated, security-managed environment & that Peloton's security compliance & privacy objectives are being met. Their responsibilities span Peloton's products & services & the internal applications, tools, & infrastructure that support them.
The Sr. Manager Security & Privacy GRC will work with multiple & diverse teams across Peloton including, but not limited to, Product & Platform Engineering, Enterprise Information Technology, Legal, & various internal risk owners & 3rd parties. They will work closely with engineering, safety & compliance, & the finance organization's leadership team to coordinate our shared proactive compliance efforts & investment strategy.
The ideal candidate must be an inspirational leader who can prioritize well, communicate clearly & compellingly, & understands how to lead a high level of operational & strategic excellence. A proven history of leading & growing security teams, setting security strategies, developing risk assessment & mitigation programs, & leading privacy programs are all key experiences needed for this role. Additionally, strong Program Management experience & the ability to influence & manage deliverables across a highly diverse global organization are essential. They earn credibility & trust through their organization's accurate & timely identification of high-impact security & privacy compliance risks to partners & by providing clear & concrete guidance for their remediation.
A proven people & organizational leader who has repeatedly demonstrated the ability to invest in & grow others. They are able to multiply their impact & insight by delivering through others & by creating a fun, cohesive, & collaborative organizational culture.
YOUR DAILY IMPACT AT PELOTON
- Own Peloton's proactive security & risk management by developing a strategy & a backbone of policy, standards, process, people, & technology to assess & mitigate threats
- Partner effectively with Information Security, Product, Platform, Internal Audit, Legal, & other internal peers to support Peloton's compliance with applicable legal, regulatory, & security frameworks for the safeguarding of clients, intellectual property, & sensitive data
- Participate as a member of the management team in governance processes of the organization's security strategies.
- Develop & communicate security & privacy strategies & plans to the leadership team, staff, & partners.
- Develop, implement, maintain, & oversee enforcement of policies, procedures, & associated plans for system security administration & user system access based on industry-standard best practices.
- Define & communicate plans, procedures, policies, & standards for the organization for building, implementing, & operating new systems, equipment, applications, & services.
- Maintain an in-depth understanding of the broad security & privacy regulatory landscape impacting Peloton. Understand the impact of laws & regulations on Peloton's systems & technology.
- Act as advocate & liaison for Peloton's security & privacy vision via regular written & in-person communications.
- Recommend & implement changes in security & privacy policies, standards, & practices in accordance with changes in laws & regulations.
- Lead a multi-disciplinary, multi-functional team responsible for end-to-end security consultancy services
- Serve as a point of escalation & work to align partners & collaborators on strategic security/privacy initiatives & outcomes
- Establish & implement organizational key metrics & operational SLAs to measure the effectiveness & operational readiness of GRC-related capabilities & initiatives.
- Recruit, hire, manage, & develop world-class talent to build a successful organization that is a destination for security experts.
- Serve as a key partner & provide support to regulatory compliance initiatives related to PCI, GDPR, CCPA, HIPAA, & others.
YOU BRING TO PELOTON
- 5+ years of progressive experience in Information Security and/or related disciplines, with at least 2 years' experience in a corporate-level Information Security management position.
- Minimum of 5 years of large-scale project management experience.
- Must possess excellent people management & organizational development skills.
- Experience managing distributed & multi-functional IT/business teams
- Able to function independently, under pressure, & perform multiple functions & duties with minimal direction or guidance.
- Ability to establish & maintain a culture of risk management & compliance while delivering a world-class customer experience.
- Good communication & data presentation skills that allow you to clearly, compellingly, & effectively influence audiences internally & externally, across organization boundaries.
- Humble, hardworking, forward-thinking, & embodies a hands-on leadership approach.
- Excellent relationship-building skills across diverse multi-functional teams.
- Exceptional written/oral communication skills.
- Extensive experience in building successful & diverse multi-functional teams.
- Exceptional bias for action & ownership
Peloton is the leading interactive fitness platform globally, with a passionate community of 7 million Members in the US, UK, Canada, Germany, & Australia. Peloton makes fitness entertaining, approachable, effective, & convenient, while fostering social connections that motivate its Members to commit to their fitness journeys. An innovator at the nexus of fitness, technology, & media, Peloton reinvented the fitness industry by developing a first-of-its-kind subscription platform that seamlessly combines the best equipment, proprietary networked software, world-class streaming digital fitness & wellness content, & best-in-class fitness experts & Instructors.
At Peloton, we motivate the world to live better. Together We Go Far means that we are greater than the sum of our parts, stronger collectively when each one of us is at our best. By combining hardware, software, content, retail, apparel, manufacturing, Member support, & so much more, we deliver an exhilarating fitness experience that unlocks our members' greatness. Join our team to unlock yours.
Peloton is an equal opportunity employer & committed to creating an inclusive environment for all of our applicants. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. If you would like to request any accommodations from application through to interview, please email: email@example.com
Peloton has a COVID-19 vaccination policy to safeguard the health & well-being of our employees & customers globally. All employees based in the U.S. & Canada are required to provide proof of vaccination, unless the employee has a Peloton-approved reasonable accommodation or as otherwise required by law.