Senior Information Security Risk Analyst (Hybrid)

  • Full-time

Company Description

Locus Robotics is a leader in the rapidly growing eCommerce order fulfillment optimization space. Our solution helps warehouse owners attain 2-3X efficiency over cart-picking operations by empowering pickers to work collaboratively with our robots, while integrating with the operator’s Warehouse Management System and using and optimizing existing facility infrastructure. This is an opportunity to join a very smart team deploying cutting-edge technology to address real-world logistics challenges for major global brands.

Job Description

As a results-oriented Senior Information Security Risk Analyst, you will spearhead the development and execution of a company-wide risk management program, ensure that risk management techniques and strategies are maintained, and foster relationships with internal/external partners and the executive team. Reporting to the Senior Director of Compliance, you will mature and promote risk initiatives, work with partners and vendors, and serve as a key advisor to cross-functional teams and company leadership.

In this role you will be highly accountable for the effectiveness, quality and timeliness of project design decisions and how easily these designs can be implemented.

Responsibilities

  • Enforce and interpret security policies, procedures, and regulatory requirements by performing internal and vendor security risk assessments.
  • Provide security consulting on complex issues that involve combinations of platforms, computing environments, and technologies.
  • Mitigate vulnerabilities and configuration deficiencies by conducting investigations of possible security exceptions.
  • Perform assessments of vendor risk, develop mitigation plans and partner with internal stakeholders to assign monitoring responsibility.
  • Implement, update, maintain, document, and improve security risk programs.
  • Maintain awareness of existing and proposed security standard-setting groups and of State, Federal and international legislation and regulations pertaining to information security and data privacy.
  • Perform assessment and/or implementation of appropriate security methods and control techniques.
  • Prepare status reports for management on security matters and develop security risk analysis scenarios and response procedures.
  • Perform periodic assessments of information systems, people, and processes to identify security vulnerabilities and develop and execute remediation action plans.
  • Assist in identifying security controls for the company's production environments.
  • Act as a liaison to the business and IT groups and assist them in the implementation of data privacy, compliance requirements, and information security technologies and application security.
  • May lead projects and provide guidance/training to less experienced staff.

Qualifications

  • Bachelor's degree (Computer Science, Information Systems, or related functional field) and/or equivalent combination of education or work experience.
  • 7+ years of general information technology experience.
  • 5+ years of professional Information Security experience focused on security risk, compliance assessment and remediation.
  • 5+ years of professional experience with security tools such as forensics, cyber assessment, or code analysis.
  • Strong knowledge of networking, databases, systems, applications, mobile, SaaS and other cloud technologies.
  • In-depth knowledge of data security and protection techniques.
  • In-depth knowledge of application security, including integration with DevOps practices.
  • Experience working with public cloud environments such as Amazon Web Services and Microsoft Azure.
  • Professional certification required, with one of the following: CISSP, CRISC, GSEC, or other applicable.
  • Familiar with industry compliance standards as they relate to Robots as a Service, such as ISO27001, SOC1 (SSAE16) and SOC2.
  • Exceptional analytical ability, communication skills and the ability to work effectively with customers, IT management and staff, vendors, and consultants.
  • Strong knowledge of industry frameworks and best practices (ISO, NIST, and/or others).
  • Strong knowledge of regulatory requirements and compliance (PCI, SOX, HIPAA, GDPR).
  • Extensive experience working with diverse groups within dynamic organizations in both IT and business areas.

 

Additional Information

Locus Robotics is an Equal Opportunity Employer
