Outrider, the pioneer in autonomous yard operations for logistics hubs, helps large enterprises improve safety and increase efficiency. The only company exclusively focused on automating all aspects of yard operations, Outrider eliminates manual tasks that are hazardous and repetitive. Outrider’s mission is to drive the rapid adoption of sustainable freight transportation by deploying zero-emission systems. Outrider is a private company backed by NEA, 8VC, Koch Disruptive Technologies, and other top-tier investors. For more information, visit www.outrider.ai
The Information Security Lead will report to the Director of IT Operations and be responsible for product and company information security. This is an opportunity to start early, build a security program, and hire/lead the Information Security Team.
Duties & responsibilities
- Develop and drives implementation of a short and long term security strategy and goals in alignment with Outrider's business objectives and culture
- Oversee information security in enterprise IT infrastructure and in deployment and management of enterprise applications
- Guarantees the strong performance of security operations across sites, as well as cloud-based service operations centers
- Secure operations involving large groups of R&D, Engineering, and development operations, requiring connectivity and integration with third party partners
- Perform gap analysis of current state versus industry best practices for the autonomous vehicle industry
- Partner across the organization to ensure that security is designed into products and processes from the early stages
- Prepare and present accurate and timely information in response to audits and inquiries; institutes a proactive culture to align activities and measurement with internal policy and regulatory requirements
- Oversee management of information security tools, contracts, documentation, standards, and processes to ensure an operating environment that is sound, sustainable, and compliant with company policies and requirements
- Identify and classify risks related to new implementations or existing infrastructure and application solutions and provision of guidance for remediation
- Establish and enhances policies and procedures to ensure the following of security best practices and compliance.
- Establishes governance processes and drives prioritization of security workload across the security workforce, and with dependent stakeholders
- Provide security expertise and direction for enterprise applications used to support Finance Management, Customer Management, Manufacturing Operations and Quality Control
- Assess and identifies security controls for sensitive and regulated data, and refines and oversees compliance programs aligned with regulatory and international standards (e.g., ISO27001, SOC2).
- Develop and drive security risk analysis, mitigation, and remediation plans. Plans for and leads security incident response and recovery efforts.
- Evolve Outrider's capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents.
- Own all documentation, process, and training surrounding Outrider's disaster recovery abilities.
- Ensure the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks, globally.
- Stay abreast of new and evolving market trends, best practices, and industry specific information.
- Research, monitor, and analyze trends related to security in the automotive, machine learning, and autonomous driving spaces.
- Provide thought leadership, insights, and recommendations for optimizing security and streamlining processes.
- 7+ years of enterprise information security or relevant technology experience
- 2+ years experience leading a team of InfoSec/cybersecurity professionals. A breadth of hands on and leadership experience in security, engineering, or IT management
- In-depth understanding and management of information security, and security technologies such as intrusion detection and content filtering, threat patterns, security architecture, application architecture, and compliance criteria
- Thorough understanding of SDLC and Application Security Policies, Design and Documentation
- Ability to communicate, interpret Infosec and playback requirements to a non-technical security team (i.e. non-functional requirements)
- Thorough understanding of Risk Management principles (Risk Register, Cyber risks etc)
- Fundamental understanding of Incident Management and Security Operations
- Experience with cryptography, ethical hacking, computer forensics, information assurance, and intrusion detection and prevention methodologies
- Experience securing and navigating cloud platforms, such as AWS (Amazon Web Services), Azure, or GCP (Google Cloud Compute) platforms
- Knowledge of common operating systems (e.g. Windows, Linux, etc.), endpoint security principles, networking services and protocols; understanding of security technologies (IDS, firewalls, SIEM), cloud security monitoring technologies and the desire to remain technically hands-on, but also operate on a strategic level
- Excellent communication skills, especially the ability to communicate security and risk-related concepts to technical and non-technical audiences
- Ability to understand the business context and technology challenges and handle uncertainty and apply appropriate security solutions in response to multiple risks and needs
- Deep knowledge of relevant security and compliance frameworks, standards, and regulations (such as SOC2, NIST, COBIT, ISO270xx)
- Exceptional interpersonal, oral, and written communication skills
- Ability to clearly and succinctly communicate verbally and in writing, translating technical jargon to correspond with the audience's knowledge and understanding
- Capable of listening and obtaining clarification, changing approach or method to best fit the situation. Able to effectively partner with cross-functional teams to coordinate activities and accomplish goals
Compensation & benefits
- Salary range of $130,000 - $150,000. For benefits, check this out!
At Outrider, we believe in cultivating an environment where there is diversity of perspectives, experiences, and knowledge with the expectation that we thrive in an inclusive environment. Outrider is committed to a workforce where everyone's opportunities are limitless regardless of race, national origin, gender, age, religion, disability, veteran status, or any others that are protected by law.