Who we are

With its A.I.-powered robotic technology platform, Symbotic is changing the way consumer goods move through the supply chain. Intelligent software orchestrates advanced robots in a high-density, end-to-end system - reinventing warehouse automation for increased efficiency, speed and flexibility.

What we need

As a Senior Security Compliance Analyst for our growing team, you will be pivotal in establishing and maintaining a robust security and compliance program, focusing on achieving and maintaining SOC 2 Type 2 as well as other possible future certifications such as ISO 27001 and HITRUST. The ideal candidate will possess a strong understanding of security frameworks, risk management, and policy development.

What we do
GreenBox is pioneering warehousing-as-a-service, offering outsourced warehousing operations and specializing in automated warehousing solutions. Our focus is on the efficient movement of goods in cases and pallets across all sectors, such as wholesale, retail, and general merchandising.

*GreenBox is an independently managed joint venture between Symbotic and Softbank.

What you'll do

• Security & Compliance Program Development:

• Develop, implement, and drive adherence of a comprehensive security and compliance program aligned with NIST CSF and SOC 2 Type 2 standards.

• Create security program detailing the rules and guidelines that dictate how the company will perform operations as well as protect critical assets and data.

• Conduct thorough risk assessments and gap analyses to identify areas for improvement in security and compliance posture.

• Establish and maintain a framework for ongoing monitoring and reporting of compliance activities.

• Policy & Standard Creation:

• Develop and maintain security policies, procedures, and standards to ensure compliance with relevant regulations and industry best practices.

• Communicate and educate employees on security policies and procedures.

• Maintain documentation related to policies, procedures, and compliance activities.

• Certification Attainment & Maintenance:

• Lead the organization through the SOC 2 Type 2 and certification processes, including planning, implementation, and audit preparation. Other certifications will likely follow.

• Coordinate with external auditors and internal stakeholders to ensure successful certification audits.

• Manage ongoing compliance activities to maintain certifications.

• Coordinate remediation activities as a result of audit findings and vulnerability assessment processes.

• Risk Management:

• Identify, assess, and mitigate security and compliance risks.

• Develop and implement risk management strategies and controls.

• Monitor and report on the effectiveness of risk management activities.

• Internal Audits & Monitoring:

• Conduct internal audits to assess compliance with policies and standards.

• Monitor security and compliance controls to ensure effectiveness.

• Track and report on compliance metrics and KPIs.

• Vendor Management:

• Assist in the security review of vendors and third-party providers.

• Monitor vendor compliance with security requirements.

• Incident Response, Disaster Recovery, Business Continuity:

• Assist in the incident response process, including investigations and reporting.

• Contribute to the development and maintenance of incident response plans.

• Define and document standards relating to Disaster Recovery and Business Continuity.

• Work with various teams to implement DR and BC procedures.

What you'll need

• Bachelor's degree in information security, Computer Science, Business Administration, or equivalent experience.

• Minimum of 8 years of experience in compliance, security, or risk management.

• Strong understanding of SOC 2 Type 2 and other compliance standards and certification processes.

• Experience developing and implementing security policies, procedures, and standards.

• Knowledge of risk management frameworks and methodologies.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and as part of a team.

• Strong attention to detail and organizational skills.

• Experience with audit management.

• Experience working with GRC software platforms to manage compliance.

Our Environment

• Up to 10% travel may be required. Employees must have a valid driver's license and the ability to drive and/or fly to client and other customer locations.

• The employee is responsible for owning a credit card and managing expenses personally to be reimbursed on a bi-weekly basis.

#LI-JH2

#LI-Remote

About Symbotic

Symbotic is an automation technology leader reimagining the supply chain with its end-to-end, AI-powered robotic and software platform. Symbotic reinvents the warehouse as a strategic asset for the world's largest retail, wholesale, and food & beverage companies. Applying next-gen technology, high-density storage and machine learning to solve today's complex distribution challenges, Symbotic enables companies to move goods with unmatched speed, agility, accuracy and efficiency. As the backbone of commerce the Symbotic platform transforms the flow of goods and the economics of supply chain for its customers. For more information, visit www.symbotic.com.

We are a community of innovators, collaborators and pioneers who embrace our differences, because we know unique perspectives make us stronger and smarter. Every perspective matters. We depend on the collective voices of our employees, customers and community to help guide us as we build a better place to work - for you and the world. That's why we're proud to be an equal opportunity employer.

We do not discriminate based on race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or genetic information.