Security Control Assessor

The KION/Dematic Supply Chain Solutions (SCS) Global Software R&D Organization is responsible for delivering innovative software products to support a wide range of intralogistics, material handling, and management solutions. These products play a key role in powering the logistics operations of enterprises in a wide range of industries worldwide including eCommerce activities.



We are looking for a hands-on, dynamic, and enthusiastic security control assessor to help drive our security compliance efforts. This is an exciting opportunity to join our team and support our security efforts related to the development of various projects in IoT, Intralogistics, Cloud, and Edge systems that aim to transform the warehouse logistics and management industry.

What we offer:

• Career Development
• Competitive Compensation and Benefits
• Pay Transparency
• Global Opportunities

Learn More Here: https://www.dematic.com/en-us/about/careers/what-we-offer

Dematic provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

The base pay range for this role is estimated to be $65,000-$140,000 at the time of posting. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills.

Tasks and Qualifications:

This Is What You Will Do In This Role:

• Conduct ISO 27001 Readiness Assessment and prepare Gap Assessment Report.
• Conduct independent comprehensive assessments of the security controls employed within or inherited by an products or system to determine the overall effectiveness of the controls.
• Plan and conduct security authorization reviews and assurance case development for product development, and network installation.
• Develop ISO 27001 specific procedure and policy documents as part of the implementation effort.
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
• Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk.
• Assess the effectiveness of security controls and support necessary compliance activities (e.g., validate system security configuration guidelines, perform compliance monitoring).
• Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
• Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.

What We are Looking For:

• Bachelor degree or equivalent IT experience
• 5+ years of experience in risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• 2+ years of ISO 27001 implementation experience conducting risk and controls assessment.
• ISO 27001 Lead Auditor certification