Information Security Lead Engineer

Who We Are

Since 2007, Geoforce has been an industry leader in GPS tracking, providing reliable solutions for over 250,000 assets across 90+ countries. Our comprehensive platform combines rugged GPS devices with advanced software, supported by global satellite and cellular networks. From vehicles to heavy equipment, we deliver the visibility and control businesses need to optimize operations. Trusted by industry leaders like Southwest Airlines, DHL, and SLB (Schlumberger), Geoforce is the go-to partner for smarter asset management. Learn more at

As a rapidly growing company committed to technology innovation and delivering high value services to its clients, Geoforce is constantly looking for high integrity, well-rounded professionals who thrive on challenges, are fascinated by technology, exhibit passion and pride, and don't mind rolling up their sleeves to get a job done.

What We Need

We are looking for a Manager of Information Security who will lead the information security strategy and security operations within Geoforce Inc. Reporting to the VP of Software Engineering, the Manager of Information Security serves as the organization's key cybersecurity authority, responsible for establishing, managing, and continually enhancing a robust, enterprise-wide information security program.

Roles and Responsibilities

This role provides strategic direction, helps in maintaining regulatory compliance, leads incident response efforts, leads customer information security questionnaire responses, and fosters a strong security culture across the enterprise. The role also governs relationships with third-party vendors and managed security partners and drives business-aligned risk management and resiliency efforts.

Strategic Leadership & Governance

• Develop, implement, and maintain the organization's information security and data privacy strategy, policies, and governance framework, aligning with frameworks such as NIST CSF 2.0, ISO, SOC II Type 2 and CIS Controls.
• Serve as a trusted advisor to leadership on cyber risk, regulatory/compliance obligations (e.g., GDPR, CCPA), and emerging threats.
• Manage key performance indicators (KPIs) and dashboards to measure program effectiveness and foster continuous improvement.
• Develop and communicate a roadmap for the privacy & security program that balances business enablement with risk mitigation.
• Lead security related projects and deliverables for security as well as external department projects.
• Implement third-party vendor risk management program, including onboarding security reviews and continuous monitoring.

Security Operations, Communications & Incident Response

• Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
• Develop alerting and detection strategies to identify malicious or anomalous behavior.
• Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics.
• Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
• Investigate enterprise-wide operations to uncover sophisticated and undetected threats.
• Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.
• Identify and implement core security platform needed to maintain security within Geoforce Infrastructure, Networking, and IT systems. Platforms may include EDR, SIEM, Secure email gateways etc.
• Lead customer communications and documentation around the InfoSec processes, documentation and certifications.
• Development and Governance of Security Policies and Procedures including SOC II Type2 audit readiness.

Security Awareness & Culture Building

• Lead and enhance the Security Awareness Training (SAT) program (e.g., KnowBe4), including phishing simulations and compliance reporting.
• Advocate for a security-first culture across IT, software development, and business team through ongoing engagement, communication, and training.

Qualifications

• Experience: 3+ years in information security leadership roles, with expertise in managing enterprise-wide programs. Hands on experience in implementing security assessment tools.
• Technical Proficiency: Extensive knowledge of cybersecurity principles, tools, technologies, risk management, and compliance frameworks (NIST, CIS, ISO, SOCII).
• Certifications: CISSP, CISM, or equivalent strongly preferred.
• Communication Skills: Strong ability to articulate security concepts to non-technical customers, stakeholders, and executive leadership.
• Leadership: Collaborating with cross-functional teams and managing vendor relationships, including MDR (Managed Detection and Response) and performance measurement.

What Success Looks Like?

• A measurable reduction in organizational cyber risk through improved controls and visibility.
• Security events are detected, contained, and remediated with minimal business disruption.
• A well-established, compliant, and auditable information security program.
• A workforce that demonstrates security awareness and embraces shared accountability.
• Security technologies are implemented, optimized and integrated across IT towers and business units.
• Getting ready for SOC II Type 2 audit in 2026 to complete audit in 2027.

---