Information Security Manager

Who We Are

Since 2007, Geoforce has been an industry leader in GPS tracking, providing reliable solutions for over 250,000 assets across 90+ countries. Our comprehensive platform combines rugged GPS devices with advanced software, supported by global satellite and cellular networks. From vehicles to heavy equipment, we deliver the visibility and control businesses need to optimize operations. Trusted by industry leaders like Southwest Airlines, DHL, and SLB (Schlumberger), Geoforce is the go-to partner for smarter asset management. Learn more at www.geoforce.com.

As a rapidly growing company committed to technology innovation and delivering high value services to its clients, Geoforce is constantly looking for high integrity, well-rounded professionals who thrive on challenges, are fascinated by technology, exhibit passion and pride, and don't mind rolling up their sleeves to get a job done.

What We Need

We are looking for a Manager of Information Security who will lead the information security strategy and security operations within Geoforce Inc. Reporting to the VP of Software Engineering, the Manager of Information Security serves as the organization’s key cybersecurity authority, responsible for establishing, managing, and continually enhancing a robust, enterprise-wide information security program.

Job Duties

This role provides strategic direction, ensures regulatory compliance, leads incident response efforts, leads customer information security questionnaire responses, and fosters a strong security culture across the enterprise. The role also governs relationships with third-party vendors and managed security partners and drives business-aligned risk management and resiliency efforts.

Strategic Leadership & Governance

• Develop, implement, and maintain the organization's information security and data privacy strategy, policies, and governance framework, aligning with frameworks such as NIST CSF 2.0, ISO, SOC II Type 2 and CIS Controls.

• Serve as a trusted advisor to leadership on cyber risk, regulatory/compliance obligations (e.g., GDPR, CCPA), and emerging threats.

• Establish and manage key performance indicators (KPIs) and dashboards to measure program effectiveness and foster continuous improvement.

• Develop and communicate a roadmap for the privacy & security program that balances business enablement with risk mitigation.

• Lead security-related projects and deliverables for security as well as external department projects.

• Create and implement processes for SOC II type 2 compliance during the year 2026.

• Implement third-party vendor risk management program, including onboarding security reviews and continuous monitoring.

Security Operations, Communications & Incident Response

• Coordinate real-time monitoring, triage, and response to security alerts and vulnerabilities.

• Identify and implement core security platform needed to maintain security within Geoforce Infrastructure, Networking, and IT systems. Platforms may include EDR, SIEM, Secure email gateways etc.

• Oversee risk assessments, incident response, and vulnerability management across enterprise IT and Software Development.

• Lead customer communications and documentation around the InfoSec processes, documentation and certifications.

• Development and Governance of Security Policies and Procedures including SOC II Type2 audit readiness.

• Conduct regular risk assessments to identify vulnerabilities within the IT and Cloud environment.

• Implement risk mitigation strategies and continuously monitor their effectiveness.

• Conduct post-incident analysis to improve future responses.

• Report on security posture, risks, and incidents to leadership and regulatory auditor.

• Creation of SOPs related to security operations.

Security Awareness & Culture Building

• Lead and enhance the Security Awareness Training (SAT) program (e.g., KnowBe4), including phishing simulations and compliance reporting.

• Advocate for a security-first culture across IT, software development, and business team through ongoing engagement, communication, and training.

• Identify, budget, and implement tools across company for improving and maintaining security posture.

What Success Looks Like?

• A measurable reduction in organizational cyber risk through improved controls and visibility.

• Security events are detected, contained, and remediated with minimal business disruption.

• A well-established, compliant, and auditable information security program.

• A workforce that demonstrates security awareness and embraces shared accountability.

• Security technologies are implemented, optimized and integrated across IT towers and business units.

• Getting to a SOC II Type 2 compliance in 2026
  

Knowledge & Skills

• Technical Proficiency: Deep knowledge of cybersecurity principles, tools, technologies, risk management, and compliance frameworks (NIST, CIS, ISO, SOCII).

• Certifications: CISSP, CISM, or equivalent strongly preferred.

• Business Acumen: Ability to balance cybersecurity strategy with business growth goals, using risk-based prioritization.

• Communication Skills: Strong ability to articulate security concepts to non-technical customers, stakeholders, and executive leadership.

• Leadership: Collaborating with cross-functional teams and managing vendor relationships, including MDR (Managed Detection and Response) and performance measurement.

Education & Work Experience

• Preferred Bachelor’s degree in computer science or other quantitative fields.

• 6+ years in information security leadership roles, with expertise in managing enterprise-wide programs.

• Hands-on experience in implementing security assessment tools.

Geoforce Perks

• Competitive Salaries

• Company-sponsored health insurance, dental insurance, vision insurance, life and AD&D insurance, 401(K) Plan, flexible spending account, and dependent care reimbursement account

• Paid Holidays

• Flexible Paid Time Off (PTO) Policy

• The opportunity to work with other cool people who have a passion for excellence, innovation, and adventure.