Manager, Risk Management


About Stitch Fix, Inc.

Stitch Fix (NASDAQ: SFIX) is the leading online personal styling service that helps people discover the styles they will love that fit perfectly so they always look - and feel - their best. Few things are more personal than getting dressed, but finding clothing that fits and looks great can be a challenge. Stitch Fix solves that problem. By pairing expert stylists with best-in-class AI and recommendation algorithms, the company leverages its assortment of exclusive and national brands to meet each client's individual tastes and needs, making it convenient for clients to express their personal style without having to spend hours in stores or sifting through endless choices online. Stitch Fix, which was founded in 2011, is headquartered in San Francisco.

About the Role

As the Manager of Risk Management at Stitch Fix, you will lead the development, implementation and ongoing coordination of an enterprise-wide cyber security governance, risk, and compliance management program including cyber risk identification, analysis, and mitigation, tracking and reporting to executive management. You will implement a comprehensive and effective Governance, Risk, and Compliance (GRC) program to ensure compliance with Stitch Fix internal policies and regulatory requirements (NIST, SOX, PCI, etc.). Define and align security policies, strategy, standards and controls, risk management, 3rd party risk assessments, baseline security controls, as well as technology compliance initiatives. Proactively assess, identify, and develop recommendations regarding data protection, GRC, and third party risk issues and vulnerabilities, working collaboratively with multiple stakeholder teams including Legal, People & Culture (HR), and IT. You will manage and mentor staff responsible for Stitch Fix’s vendor risk management and data protection programs.

You will oversee Stitch Fix’s IT and Information Security Training and Awareness program and be responsible for internal communication. Work closely with internal stakeholders to drive risk mitigation and prioritize remediation efforts. This is a remote position available within the United States. We operate in an agile-inspired manner, collaborating across multiple time zones.

You're excited about this opportunity because you will…

• Play a leadership role in Stitch Fix’s Information Security and IT organization and work closely with the firm’s CISO, business and product community to embed security best practices and foster a culture of information security awareness
• Develop and implement the first line of defense for an end-to-end IT and information security risk management program in alignment with Stitch Fix’s Enterprise Risk Management program to drive the identification, assessment, and prioritization of existing and emerging IT and security risks across the organization.
• Drive continuous improvement by developing metrics, monitoring trends, and implementing pragmatic solutions that balance security needs with business goals
• Assist the CISO in developing and implementing a comprehensive IT and information security strategy
• Develop and implement the company’s risk management framework, ensuring it is aligned with strategic goals.
• Lead efforts in business continuity planning and disaster recovery exercises, ensuring preparedness for any potential disruptions
• Provide risk reporting and insights to senior management, ensuring risks are communicated effectively and decision-makers have the necessary information.
• Manage and track the effectiveness of implemented controls and risk mitigation efforts.
• Stay up to date with industry trends and regulatory changes, ensuring the company’s risk management practices are current and compliant.

We’re excited about you because…

• Bachelor’s degree in Information Technology, Risk Management, Business Administration, or a related field.
• 5+ years of experience in risk management or a related discipline, with at least 2 years in a managerial role.
• Possess extensive experience in risk management and security within a publicly traded company
• Strong understanding of risk management frameworks, methodologies, and tools.
• Strong understanding of security frameworks, regulations and standards (ex: PCI, SOX, NIST CSF, etc.)
• Excellent analytical, problem-solving, and decision-making skills.
• Experience with regulatory compliance, business continuity, disaster recovery, and resiliency planning.
• Strong communication skills, with the ability to work collaboratively across departments and present risk information to senior leadership.

Why you'll love working at Stitch Fix...

• We are a group of bright, kind people who are motivated by challenge. We value integrity, innovation and trust. You’ll bring these characteristics to life in everything you do at Stitch Fix.
• We cultivate a community of diverse perspectives— all voices are heard and valued.
• We are an innovative company and leverage our strengths in fashion an

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities was to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...