Information Security Specialist (RFPs and Vendor Assessments) At ORO Labs, we’re reshaping the future of procurement. Founded in California in 2020, we’re a fast-growing SaaS startup making procurement intuitive, integrated, and intelligent. Our platform supports Fortune 200 clients across North America and Europe, and we are now excited to be expanding our operations to serve leading enterprises across Australia. We help them streamline purchasing, mitigate supplier risk, and improve compliance—all while unlocking value from their existing tech investments. With teams across the U.S., Europe, and India, and now expanding into Australia, we thrive on collaboration, agility, and innovation. Overview: The Information Security Specialist will report to the CTO and work closely with the compliance team to support the organization’s security goals, primarily focusing on responding to RFPs, vendor assessments, and customer inquiries related to security practices. This role ensures the company’s security posture is clearly communicated in sales processes and annual vendor assessments. The Information Security Specialist will play a vital role in building customer trust by addressing security-related questions and maintaining transparency in security processes. Key Responsibilities: RFP and Vendor Assessment Management: Lead the response process for RFPs and vendor assessments, ensuring the company’s security posture aligns with customer expectations and requirements. Customer Engagement: Act as the primary point of contact for customer inquiries around security, explaining security processes and addressing customer concerns during the sales and assessment processes. Policy and Process-Driven Approach: Apply a policy-driven approach in all engagements, maintaining alignment with industry standards and best practices. Compliance Support: Collaborate with the compliance team to ensure adherence to security frameworks and regulatory requirements such as ISO 27001 and SOC 2. Audit Support: Assist in internal and external security audits, ensuring the organization meets compliance and security standards. Skills and Qualifications: Experience: 5+ years in information security, with direct experience managing RFPs and completing vendor security questionnaires. Technical Expertise: Knowledgeable in information security concepts, protocols, and compliance frameworks such as ISO 27001 and SOC 2. Communication Skills: Able to clearly articulate technical security information to non-technical stakeholders and customers. Project Management: Skilled in prioritizing and managing multiple projects simultaneously, ensuring timely and organized responses to RFPs and assessments. Attention to Detail: Strong attention to detail and commitment to accuracy in all security responses. Education: Bachelor’s degree in Information Security, Computer Science, or a related field preferred but not
Company Overview: ORO Labs is a well-funded B2B startup founded by industry veterans. Our SaaS solution is an AI-based procurement orchestration platform that’s dramatically improving business processes for employees, purchasing personnel, and suppliers, and it’s gaining rapid traction among global multi-nationals. ORO’s smart procurement workflows help organizations increase business agility and transparency, shortening cycle times while seamlessly increasing accuracy and compliance for the enterprise Role Overview : The Director - Infosec is a senior leadership role responsible for developing, implementing, and overseeing the overall information security strategy to protect ORO’s data, systems, and technology infrastructure from cyber threats and security risks. This role will report to the CTO and work closely with the compliance team to support the organization’s security goals, primarily focusing on responding to RFPs, vendor assessments, and customer inquiries related to security practices. This person will play a vital role in building customer trust by addressing security-related questions and maintaining transparency in security processes. Key Responsibilities : Develop, implement, and enforce information security policies, procedures, and standards aligned with business goals and regulatory requirements RFP and Vendor Assessment Management: Lead the response process for RFPs and vendor assessments, ensuring the company’s security posture aligns with customer expectations and requirements Lead and manage the organization’s information security program to safeguard confidentiality, integrity, and availability of information assets Customer Engagement: Act as the primary point of contact for customer inquiries around security, explaining security processes and addressing customer concerns during the sales and assessment processes Collaborate with leadership, IT, legal, compliance, and business units to communicate security risks and influence decision-making Apply a policy-driven approach in all engagements, maintaining alignment with industry standards and best practices. Collaborate with the compliance team to ensure adherence to security frameworks and regulatory requirements such as ISO 27001 and SOC 2. Assist in internal and external security audits, ensuring the organization meets compliance and security standards Stay abreast of the latest cybersecurity technologies, and regulatory changes to adapt the security strategy proactively Skills and Qualifications : Experience: At least 14+ years of progressive experience in information security roles, including leadership positions. Technical Expertise: Knowledgeable in information security concepts, protocols, and compliance frameworks such as ISO 27001 and SOC 2. Excellent communication and stakeholder management skills, capable of influencing executive decision-making Experience in risk management, security operations, incident response, and vulnerability management Deep knowledge of cybersecurity frameworks, standards, and regulatory requirements. Project Management: Skilled in prioritizing and managing multiple projects simultaneously, ensuring timely and organized responses to RFPs and assessments. Attention to Detail: Strong attention to detail and commitment to accuracy in all security responses. Education : Bachelor’s degree in Information Security, Computer Science, or a related field preferred but not required.
You will be joining ORO Labs, a well-funded B2B startup that is making a significant impact in the industry. As a Data Curator in the Content Team, your primary responsibility will be to ensure the accuracy, quality, and accessibility of the company's data assets. Working closely with analysts, IT professionals, and subject matter experts, you will curate and manage data repositories to facilitate informed decision-making and ensure compliance with standards and regulations. Your key responsibilities will include curating, organizing, and maintaining large datasets with a focus on accuracy, completeness, and consistency. You will develop and implement data curation strategies, collaborate with stakeholders to interpret data requirements, and optimize data storage solutions to enhance accessibility and usability. Adherence to data governance policies, privacy regulations, and data protection standards will be crucial, along with maintaining documentation for data curation processes and monitoring data integrity. To excel in this role, you should possess a Bachelor's degree in Computer Science, Information Management, or a related field, with demonstrated experience in data curation or management. A strong understanding of data management principles, governance, and quality assurance is essential, along with exceptional attention to detail and problem-solving skills. Effective communication and collaboration abilities are key for successful teamwork, and knowledge of machine learning and statistical analysis concepts would be advantageous. Joining ORO Labs offers you the opportunity to shape the quality and accessibility of organizational data while enjoying a competitive salary, comprehensive benefits, and growth prospects in a dynamic and innovative work environment.,