Staff IT Security Engineer

San Jose, CA /
Digital Development – Digital Development /
Full-time
Job Title: Staff  Information Security Engineer
Location: San Jose, CA, USA

Overview 
We are looking for a passionate Staff Information Security Engineer who wants to utilize and grow his or her skills in a challenging and innovative work environment. As a Senior Information Security Engineer, you will use your passion for security to help drive key security initiatives. You will be responsible for enhancing information security and manage risks across the US and European locations.

Responsibilities
•Monitor information systems for security incidents and vulnerabilities, develops monitoring and visibility capabilities, reports on incidents, vulnerabilities, and trends.
•Secure containerized applications using technologies such as Docker and Kubernetes.
•Develop and implement controls to secure the IT computing infrastructure in AWS.
•Manage and improve existing controls to safeguard Company data.
•Work closely with Engineering and other business units to drive security and compliance initiatives.
•Conduct proactive research to analyze security weaknesses, recommend appropriate improvements and manage mitigations.
•Develop and administer information security training and awareness programs.
•Lead security investigations and incident response processes.
•Define security requirements for new technologies.
•Participate in periodic policy compliance reviews and risk assessments.
•Perform and manage vendor risk assessments.
•Build, manage, and maintain security tools used by the Security team.

Qualifications
•Minimum 10 years of Information Security experience.
•Bachelor’s degree in computer science, information security, or related discipline.
•Industry standard security certification such as CISSSP is a plus.
•Strong problem-solving skills and excellent troubleshooting skills
•Experience with risk assessment and implementation of security controls.
•Familiar with common industry security tools and software.
•Experience with security monitoring, incident response practices and methodologies.
•Experience with data privacy, regulations, and security frameworks: ISO27001, GDPR, NIST cybersecurity framework, CIS controls
•Excellent verbal and written communication skills to document, communicate findings, and interact with business customers.
•Available outside of normal US business hours for high priority events and collaboration with global team as needed.

About NIO    
NIO Inc. is a pioneer in China’s premium smart electric vehicle market. Founded in November 2014, NIO’s mission is to shape a joyful lifestyle. NIO aims to build a community starting with smart electric vehicles to share joy and grow together with users. NIO designs, jointly manufactures, and sells smart premium electric vehicles, driving innovations in next-generation technologies in connectivity, autonomous driving, and artificial intelligence. Redefining the user experience, NIO provides users with comprehensive and convenient power solutions, innovative Battery as a Service (BaaS) program, and other user-centric services. NIO began deliveries of the ES8, a 7-seater flagship premium electric SUV, in China in June 2018, and its variant, the 6-seater ES8, in March 2019. NIO officially launched the ES6, a 5-seater high-performance premium electric SUV, in December 2018 and began deliveries of the ES6 in June 2019. NIO officially launched the EC6, a 5-seater premium electric coupe SUV, in December 2019 and began deliveries of the EC6 in September 2020.

Equal Employment Opportunity   
NIO is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, disability, sexual orientation, veteran status, present or past history of mental disability, genetic information or any other classification protected by state or federal law.
 
NIO US is an E-Verify employer.