Fox Robotics is at the bleeding edge of warehouse automation, with a focus on autonomous forklifts. As the leader in this space, Fox has clear product market fit and is scaling fast, with plans to nearly double from ~90 employees in the next year. With this growth, employees have a once-in-a-career opportunity to learn, all while working as part of a mission-driven team focused on making robots that work.

What you’ll do:

We're in search of an experienced Senior SRE / Senior Security Engineer to join our Platform Engineering team. We are looking for a highly technical team member to ensure the continued reliability, scalability, and security of our IoT infrastructure. Our Platform team encompasses both Information Technology (IT) and Operational Technology (OT); where IT focuses on information management and business processes, OT is dedicated to controlling and monitoring physical processes in highly technical environments such as manufacturing and warehouse automation.

Responsibilities will evolve, and will include the below:

• Security Architecture:
• Design and implement robust security architectures to safeguard on-prem, Cloud, and deployed robotics infrastructures, considering all applicable hardware, networking, and software components.
• Create Infrastructure-as-Code that supports secure management of real-time and near-real-time data from sensors, robots, and systems that orchestrate multi-agent robot coordination.
• Design and implement systems that protect from attack vectors over typical internet protocols as well as attack surfaces from physical access or short-range wireless protocols such as USB, UWB, NFC, and Bluetooth.
• Incident Response and Threat Mitigation:
• Lead real-time response efforts to address critical vulnerabilities or security incidents, analyzing and mitigating security threats promptly. This could include coordinating with developers, systems administrators, hardware specialists, and field support operations to implement a coordinated response.
• Develop and implement proactive measures and patching protocols to prevent security issues, aligning with an ISO 27001 risk framework.
• Vulnerability Management:
• Conduct regular security assessments and vulnerability scans to identify and address potential weaknesses.
• Collaborate with cross-functional teams to remediate vulnerabilities in a timely manner.
• Integrate security scanning into automated code pipeline builds to identify and address security vulnerabilities early in the development process.
• Security Awareness and Training:
• Work with our IT organization to develop and deliver security awareness programs to educate employees on best practices.
• Devise security checklists and training agendas that support our ISO 27001 certification and enhanced security posture.
• Threat Intelligence:
• Monitor and analyze threat intelligence sources to stay ahead of emerging cyber threats, especially for IoT devices.
• Implement threat intelligence into security strategies to proactively defend against potential attacks.
• Collaboration with IT and Development Teams:
• Work closely with IT and development teams to ensure security best practices are integrated into the development lifecycle.
• Provide guidance on secure coding practices and help develop automated pipelines that support integrated security scanning

What you’ll need:

A deeply experienced threat and vulnerability analyst who can build repeatable technical and business processes for the enterprise.

• Deep understanding of cybersecurity principles, technologies, and best practices.
• Deep knowledge and mastery of Linux systems architecture, especially Debian-based systems.
• Experience with incident response, vulnerability management, and security architecture.
• Analytical mindset with the ability to assess and respond to evolving security threats.
• Certifications such as CISSP, CISM, or equivalent are highly desirable.
• Flexibility and adaptability to navigate the ever-changing landscape of cybersecurity.
• Flexibility in how you work, as we continue to evolve the way things are done (Fox is a startup, after all!)

Nice to have:

Experience with the following systems and programs is a plus:

• Hands-on experience with multiple security tools and platforms.
• Proven track record of adapting to new technologies and new contexts.
• Ansible automation experience.
• Robotics / IoT / telecom experience.
• Automated security scanning platform integrations such as Circle, SonarQube, Veracode, etc.

What’s in it for you:

• A once in a career opportunity to build, alongside colleagues who deeply care
• Working with robots is tremendously cool
• Competitive salary and stock options
• Generous healthcare options
• 401k match
• Generous PTO
• Other perks that connect us, including lunch on Fridays, team building activities, and more!