Optoro is a fast-growing technology company that is revolutionizing the retail industry. Every year, more than 15% of retail goods are returned or simply never sell. This creates tons of unnecessary waste and costs retailers billions.

Our mission is to make retail more sustainable by eliminating all waste from returns. Our technology platform connects a seamless online returns experience with efficient supply chain processing and best in class reCommerce, so that retailers can improve outcomes across all points of the returns lifecycle. 

Backed by some of the top investors in the country - including Kleiner Perkins, Revolution Growth, and UPS - Optoro is powered by its collaborative, unconventional, and resourceful employees who love solving big problems. We are looking for individuals with similar creativity and energy to help build a lasting company focused on the triple bottom line.

The Job

The Senior Manager, Information Security is responsible for the overall security operations and management for all information security-related efforts at Optoro. This includes assessing, planning, coordinating, implementing, and monitoring our Information Security program. As a critical member of the Engineering and Technology team, you will focus on all aspects of information security and will work with other technology team members to help prioritize and solve information security challenges. You will also perform various management and support roles on cross-functional project teams where information security considerations need to be addressed. In addition, you will work closely with peer staff within the Engineering and Technology team, with key members of the Senior Executive team, and with vendor partners.

Responsibilities:

• Create and manage security strategies
• Work closely with the Technology leadership team on creating security architecture standards
• Oversee information security audits, performed by organization or third-party
• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
• Implement and oversee technological upgrades, improvements and major changes to the information security environment
• Provide information security awareness training to organization personnel
• Serve as a focal point of contact for the information security team and the customer or organization
• Build and manage a security team and all other information security personnel
• Communicate information security goals and new programs effectively with other department managers within the organization 

Qualifications

• Must Have
• Minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
• CISM, CISSP or comparable certification
• Thorough and demonstrable understanding of information security concepts, protocols, industry best practices and strategies
• In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls
• Ability to build strong relationships at all levels and across all business units and organizations, and understand business imperatives
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
• A strong understanding of the business impact of security tools, technologies and policies
• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and product development teams, management and business personnel
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
• Experience working with legal, audit and compliance staff
• Experience developing and maintaining policies, procedures, standards and guidelines
• Experience in system technology security testing (vulnerability scanning and penetration testing).
• Familiarity in application technology security testing (white box, black box and code review).
• Nice to Have
• Bachelor's degree in Information Systems
• M.B.A. or M.S. in information security
• Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives forInformation and Related Technology (COBIT) frameworks
• Experience with Google Cloud Platform or other cloud providers 
• Familiarity with the principles of cryptography and cryptanalysis 

All new employees at Optoro will be required to be fully vaccinated against COVID-19 prior to commencing employment. Employees will be required to produce proof of vaccination status prior to their first day of employment. Optoro will evaluate requests for reasonable accommodations for applicants unable to be vaccinated due to a religious belief or medical circumstance on an individual basis in compliance with applicable laws.

Optoro is an equal opportunity employer.