Manager Technology, Security

Williams Sonoma Inc

San Francisco, CA

JOB DETAILS
SALARY
$150,000–$180,000 Per Year
SKILLS
CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Career Development, Communication Skills, Conflict Resolution, Continuous Improvement, Cross-Functional, Customer Support/Service, Enterprise Protection, Establish Priorities, ISA Standards, ISO (International Organization for Standardization), Industry Standards, Information/Data Security (InfoSec), Internal Audit, Internet Security, Laundry, Leadership, Leading Edge Technology, Legal, Maintain Compliance, Mentoring, Operational Audit, Operations Management, Operations Processes, Organizational Skills, PCI, PCI-DSS, People Management, Presentation/Verbal Skills, Privacy Regulations, Process Improvement, Product Design, Project/Program Management, Regulations, Regulatory Compliance, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Sarbanes-Oxley Act (SOX), Security Compliance, Standards Strategy, State Laws and Regulations, Store Opening, Strategic Planning, Team Lead/Manager, Technical/Engineering Design, U.S. National Institute of Standards and Technology (NIST), Writing Skills, eLearning
LOCATION
San Francisco, CA
POSTED
3 days ago

About the Team

The Security Compliance Team is responsible for Williams-Sonoma, Inc.'s enterprise security compliance, third-party risk, and cybersecurity risk management programs. The team is comprised of subject matter experts who partner with the business to deliver compliance solutions in a dynamic environment.

Founded in 1956, Williams-Sonoma, Inc. is the premier specialty retailer of high-quality products for the kitchen and home in the United States. Our family of brands are Williams-Sonoma, Pottery Barn, Pottery Barn Kids, PBteen, West Elm, Williams-Sonoma Home, Rejuvenation, Mark and Graham and GreenRow. We're a multi-brand, multi-channel, global enterprise supported by state-of-the-art technology and some of the most talented teams in retailing - and we're always looking for new energy and ideas.

About the Role

The Manager, Security Compliance leads the team and is responsible for setting strategy, establishing standards, and ensuring effective execution across the Security Compliance function.

Reporting to the CISO, this leader manages a team of security compliance professionals and contractors, with accountability for program outcomes, team performance, and enterprise risk visibility. The role partners closely with Technology, Legal, Internal Audit, and business stakeholders to ensure a scalable, risk-aligned control environment.

This position plays a critical role in maintaining audit readiness, strengthening the company's control framework, and providing clear, actionable insight into compliance posture, risks, and remediation progress to executive leadership and the Board.

Responsibilities

  • Lead and evolve the Security Compliance function, managing a high-performing team and driving consistent, high-quality execution across all program areas

  • Own and govern the enterprise security compliance and control framework, ensuring alignment with regulatory requirements and industry standards (PCI DSS, NIST, GDPR, CPRA, SOX) and driving continuous improvement

  • Oversee key compliance programs, including PCI, SOX, and privacy, ensuring audit readiness, effective control operation, and successful assessments

  • Lead the Third-Party Risk Management program, establishing scalable, risk-based processes for vendor assessment, monitoring, and governance, and providing clear visibility into third-party risk exposure

  • Drive the enterprise cybersecurity risk management program, ensuring risks are identified, prioritized, and remediated with clear accountability and executive visibility

  • Partner cross-functionally with Technology, Legal, Internal Audit, and business teams to embed security and compliance into operations and decision-making

  • Own audit and regulatory engagement, serving as the primary liaison with Internal Audit and ensuring efficient, well-coordinated audit execution

  • Provide clear, actionable reporting to executive leadership and the Board, translating complex risk and compliance topics into meaningful insights

  • Shape and mature the security awareness program, measurably improving human risk outcomes and strengthening the company's overall security posture

  • Success in this role is defined by the effectiveness of the control environment, clarity of risk visibility, and the organization's ability to sustain audit readiness and compliance at scale

Criteria

  • You have a minimum of 6+ years of related experience (information security, risk, or compliance), including people management experience driving results, creating solutions and achieving as one team

  • Bachelor's degree in Risk Management, or related fields, or equivalent work experience

  • You have deep expertise in SOX, privacy regulations, and third-party risk management, and strong working knowledge of PCI DSS

  • You have strong decision-making and conflict resolution skills, and experience leading teams and scaling enterprise compliance and risk programs

  • You are effective at driving accountability across both direct reports and cross-functional stakeholders

  • You are comfortable engaging with executive leadership and board-level audiences

  • You can translate complex regulatory requirements into practical, business-aligned control strategies

  • You bring a strong risk-based mindset, balancing compliance obligations with operational effectiveness

  • Relevant certifications such as CISSP, CISM, CISA, CRISC, or PCI ISA/QSA are preferred

  • This role requires being onsite in the Rocklin, CA office Monday through Thursday, with Friday optional in the office

  • You have the following technical competencies:

  • Deep understanding of security and compliance frameworks (PCI DSS, NIST, ISO 27001, SOX)

  • Experience with third-party risk management methodologies and tools

  • Experience with GRC platforms and compliance automation

  • Strong risk assessment and control evaluation knowledge

  • Excellent written and verbal communication skills

  • Strong program leadership and prioritization capabilities

  • Experience working within the retail sector

Our Culture & Values

We believe that taking care of our people is vital to our success and we strive to offer equitable and transparent practices for all. We prioritize connection, growth, and wellbeing.

People First

Putting People First means investing in overall well-being and opportunities to grow and advance within the organization. Depending on the position and location, here are a few highlights of what benefits may be available:

Benefits

  • A generous discount on all WSI brands

  • A 401(k) plan and other investment opportunities

  • Paid vacations, holidays, and time off to volunteer

  • Health benefits, dental and vision insurance, including same-sex domestic partner benefits

  • Tax-free commuter benefits

  • A wellness program that supports your physical, financial and emotional health

Continued Learning

  • In-person and online learning opportunities through WSI University

  • Cross-brand and cross-function career opportunities

  • Resources for self-development

  • Advisor (Mentor) program

  • Career development workshops, learning programs, and speaker series

WSI will not now or in the future commence an immigration case or "sponsor" an individual for this position (for example, H-1B or other employment-based immigration).

This role is not eligible for relocation assistance.

Williams-Sonoma, Inc. is an Equal Opportunity Employer. Williams-Sonoma, Inc. will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance, or other applicable state or local laws and ordinances.

The expected starting pay range for this position is $150,000 - $180,000. Applicable pay ranges may differ across markets. Actual pay will be determined based on experience and other job-related factors permitted by law. In addition to competitive pay, compensation may include a variety of other components like benefits, paid time off, merit, and bonus opportunities.

Our Company

Founded in 1956, Williams-Sonoma, Inc. is the premier specialty retailer of high-quality products for the kitchen and home in the United States. Our family of brands are Williams Sonoma, Williams Sonoma Home, Pottery Barn, Pottery Barn Kids, Pottery Barn Teen, Rejuvenation, West Elm, Mark & Graham, Outward, and GreenRow. These brands are among the best known and most respected in the industry. We offer beautifully-designed, stylish and functional products for every area of the home, including the kitchen, living room, bedroom, home office, closet, laundry room and even outdoor spaces. We've seen some big changes since our first brick-and-mortar store opened more than half of a century ago. What hasn't changed is our passion for high-quality products, functional design, outstanding customer service, and enhancing the lives of our customers and the communities where we operate. Today, we're a multi-brand, multi-channel, global enterprise supported by state-of-the-art technology and some of the most talented teams in retailing - and we're always looking for new energy and ideas.
