Optoro is a fast-growing technology company that is revolutionizing the retail industry. Every year, more than 15% of retail goods are returned or simply never sell. This creates tons of unnecessary waste and costs retailers billions.

Our mission is to make retail more sustainable by eliminating all waste from returns. Our technology platform connects a seamless online returns experience with efficient supply chain processing and best in class reCommerce, so that retailers can improve outcomes across all points of the returns lifecycle. 

Backed by some of the top investors in the country - including Kleiner Perkins, Revolution Growth, and UPS - Optoro is powered by its collaborative, unconventional, and resourceful employees who love solving big problems. We are looking for individuals with similar creativity and energy to help build a lasting company focused on the triple bottom line.

The Job

The Senior Manager, Information Security is responsible for the overall security operations and management for all information security-related efforts at Optoro. This includes assessing, planning, coordinating, implementing, and monitoring our Information Security program. As a critical member of the Engineering and Technology team, you will focus on all aspects of information security and will work with other technology team members to help prioritize and solve information security challenges. You will also perform various management and support roles on cross-functional project teams where information security considerations need to be addressed. In addition, you will work closely with peer staff within the Engineering and Technology team, with key members of the Senior Executive team, and with vendor partners.

Responsibilities:

  • Create and manage security strategies
  • Work closely with the Technology leadership team on creating security architecture standards
  • Oversee information security audits, performed by organization or third-party
  • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
  • Implement and oversee technological upgrades, improvements and major changes to the information security environment
  • Provide information security awareness training to organization personnel
  • Serve as a focal point of contact for the information security team and the customer or organization
  • Build and manage a security team and all other information security personnel
  • Communicate information security goals and new programs effectively with other department managers within the organization 

Qualifications

  • Must Have
    • Minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
    • CISM, CISSP or comparable certification
    • Thorough and demonstrable understanding of information security concepts, protocols, industry best practices and strategies
    • In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls
    • Ability to build strong relationships at all levels and across all business units and organizations, and understand business imperatives
    • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
    • A strong understanding of the business impact of security tools, technologies and policies
    • Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision
    • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and product development teams, management and business personnel
    • Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
    • Experience working with legal, audit and compliance staff
    • Experience developing and maintaining policies, procedures, standards and guidelines
    • Experience in system technology security testing (vulnerability scanning and penetration testing).
    • Familiarity in application technology security testing (white box, black box and code review).
  • Nice to Have
    • Bachelor's degree in Information Systems
    • M.B.A. or M.S. in information security
    • Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives forInformation and Related Technology (COBIT) frameworks
    • Experience with Google Cloud Platform or other cloud providers 
    • Familiarity with the principles of cryptography and cryptanalysis 

All new employees at Optoro will be required to be fully vaccinated against COVID-19 prior to commencing employment. Employees will be required to produce proof of vaccination status prior to their first day of employment. Optoro will evaluate requests for reasonable accommodations for applicants unable to be vaccinated due to a religious belief or medical circumstance on an individual basis in compliance with applicable laws.

Optoro is an equal opportunity employer.

Apply for this Job

* Required

  
(File types: pdf, doc, docx, txt, rtf)
  
(File types: pdf, doc, docx, txt, rtf)


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Optoro’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.