Information Security Analyst – Risk & Compliance - 20247

about 1 year ago
Full time role
San Jose, CA, US

Job Description

NIO is the leader of the smart Electric Vehicle (EV) industry in China, the fastest growing EV market in the world. We are rapidly expanding our footprint. By 2025, NIO plans to expand its presence to over 25 countries worldwide.
The Information Security team is growing globally as well. Our goal is to build strong security capabilities to protect NIO’s business from current and emerging threats. We’re seeking a passionate and self-driven Senior Information Security Engineer to join our team. We are a global organization with Information Security talent across the globe. Come join us today and be a part of NIO’s exciting journey and growth. This role is hybrid and requires coming into the office a few days a week.


Responsibilities

  • Support the maintenance of a strong governance, risk, and compliance process for ISO 27001.
  • Continuously improve the security framework, methodology, standards, and system of internal controls.
  • Govern the NCR process and ensure corrective actions are completed.
  • Establish and monitor performance metrics, trending reports, and KPIs.
  • Create and maintain internal governing documents for compliance with various auditing procedures and internal security controls.
  • Regularly examine the organization's information security risks, analyzing threats, vulnerabilities, and impact.
  • Be the main point of contact for all compliance audits such as ISO27001, ISO9001, SOX, GDPR, and data privacy as needed.
  • Serve as a business partner with Engineering and G&A to discover needs and drive secured solutions, while building and fostering strategic business relationships.
  • Develop security awareness training content and campaigns, and deliver training to employees.
  • Create, manage, and document standard operating procedures and policies.
  • Act as the project manager for security projects, tracking deliverables and identifying risks.
  • Assist with daily security monitoring, detection, and investigations.

Requirements

  • Preferred 5+ years in Information Security risk and governance experience.
  • Bachelor’s degree in risk management, information security, or related discipline.
  • Strong knowledge of security principles and risk management.
  • Experience with ISO27001 and NIST-800 is a must.
  • Excellent verbal and written communication skills to document, communicate findings, and interact with business customers.

Desirable

  • Security certification a plus.

Benefits

  • The US base salary range for this full-time position is $134,700 - $175,000.
  • Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
  • Please note that the compensation details listed in US role postings reflect the base salary only, and do not include discretionary bonus, equity, or benefits.

About NIO

NIO Inc. is a pioneer and a leading company in the premium smart electric vehicle market. Founded in November 2014, NIO’s mission is to shape a joyful lifestyle. NIO aims to build a community starting with smart electric vehicles to share joy and grow together with users. NIO designs, develops, jointly manufactures and sells premium smart electric vehicles, driving innovations in next-generation technologies in autonomous driving, digital technologies, electric powertrains and batteries. NIO differentiates itself through its continuous technological breakthroughs and innovations, such as its industry-leading battery swapping technologies, Battery as a Service, or BaaS, as well as its proprietary autonomous driving technologies and Autonomous Driving as a Service, or ADaaS. NIO’s product portfolio consists of the ES8, a six-seater smart electric flagship SUV, the ES7 (or the EL7), a mid-large five-seater smart electric SUV, the ES6, a five-seater all-round smart electric SUV, the EC7, a five-seater smart electric flagship coupe SUV, the EC6, a five-seater smart electric coupe SUV, the ET7, a smart electric flagship sedan, and the ET5, a mid-size smart electric sedan.

Equal Employment Opportunity

NIO is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, disability, sexual orientation, veteran status, present or past history of mental disability, genetic information or any other classification protected by state or federal law. NIO US is an E-Verify employer.
