Senior GRC Analyst

• Serve as a subject matter expert on security best practices, compliance frameworks and standards such as SOX Section 404 IT General Controls, ISO 27001, GDPR, CCPA.
• Maintain security documentation including information security policies and procedures, risk assessment methodology and treatment plans, privacy and business impact assessments (BIA/PIA), and compliance audit procedures.
• Manage Serve's security awareness program platform and quarterly phishing simulation campaigns and reporting.
• Conduct periodic risk assessments of third-party vendor services and establish corrective action plans for risk mitigation.

This role helps ensure the security and compliance of Serve Robotics' robotic delivery systems, contributing to the company's mission of reimagining urban mobility by making deliveries more efficient and accessible while benefiting local businesses.

• Knowledge in ISO 27001/2 and SOC 2 trust principles.
• Knowledge in Information Security best practices.
• Experience with participating in compliance audits in a lead or supporting role.
• Experience in preparing compliance audit workpapers such as artifact request lists, standard test cases and test plans.

No specific benefits, compensation, or perks mentioned in the job description.

Serve Robotics is reimagining how things move in cities through personable sidewalk robots designed to take deliveries away from congested streets, make deliveries available to more people, and benefit local businesses.