Information Security Analyst II

Who we are:

Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable. For the first time ever, safety, operations and finance teams can manage their drivers, vehicles, equipment, and fleet related spend in a single system. Combined with industry leading AI, the Motive platform gives you complete visibility and control, and significantly reduces manual workloads by automating and simplifying tasks.

Motive serves more than 120,000 customers – from Fortune 500 enterprises to small businesses – across a wide range of industries, including transportation and logistics, construction, energy, field service, manufacturing, agriculture, food and beverage, retail, and the public sector.

Visit gomotive.com to learn more.

We are seeking a proactive and detail-oriented Information Security Analyst to safeguard our organization's information assets. This role will be instrumental in executing Data Loss Prevention strategies, managing incident response efforts, assisting with conducting cyber risk assessments, and ensuring robust security monitoring, all while maintaining a strong focus on proactive threat mitigation. Preferred candidate would have previous managed service provider experience.

Data Protection:

• Proactively manage and optimize Data Loss Prevention strategies and toolsets, ensuring effective protection of sensitive data across all platforms.
• Implement and refine data access monitoring and alerting systems, identifying and investigating anomalous user behavior to prevent potential data exfiltration.
• Champion and enforce data security best practices, contributing to the development of organizational standards and promoting a culture of data protection.

Incident Response:

• Lead and coordinate the full incident response lifecycle, from initial detection and containment to thorough eradication and recovery, minimizing business impact.
• Conduct in-depth analysis of security alerts and logs, leveraging advanced SIEM capabilities to identify and prioritize potential security incidents.
• Collaborate seamlessly with cross-functional teams during incident response, ensuring efficient communication and timely resolution.
• Provide comprehensive data analysis and reporting to support insider threat investigations, assisting in the identification and mitigation of potential internal risks.
• Implement and refine user activity monitoring protocols, enhancing our ability to detect and respond to suspicious behavior.

Risk Assessment:

• Maintain and enhance Motive's Cyber Risk Profile, aligning with the NIST Cybersecurity Framework (CSF) to ensure comprehensive and proactive risk management.
• Perform detailed security risk assessments, identifying vulnerabilities and recommending appropriate mitigation strategies to reduce the organization's attack surface.
• Develop, implement, and monitor risk mitigation plans, ensuring timely and effective remediation of identified security risks.

Third-Party Risk Assessment (Including AI):

• Conduct third-party risk assessments, evaluating security postures and compliance with organizational standards, with a focus on data handling, access controls, and incident response capabilities.
• Evaluate the security implications of third-party AI implementations, assessing data privacy and potential vulnerabilities introduced by AI-driven services.
• Collaborate with legal and procurement teams to incorporate security and compliance requirements into third-party contracts, ensuring clear expectations and accountability.
• Monitor and assess the security of third party access to company data and systems, including monitoring for unusual AI driven traffic patterns.

Compliance:

• Maintain security controls to ensure continuous adherence to regulatory compliance standards, including SOC 2, SOX, ISO and PCI DSS.
• Conduct security assessments and internal audits, verifying compliance with industry regulations and organizational security policies, and providing actionable recommendations for improvement.
• Collaborate in the development and maintenance of comprehensive security policies and procedures, ensuring alignment with evolving compliance requirements and industry best practices.
• Streamline the audit process by efficiently gathering and organizing necessary documentation and evidence, facilitating smooth and successful compliance audits.

• Bachelor’s degree in Computer Science, Information Technology or a related field.
• 7+ years experience in Information Security,  IT audits, compliance and risk management.
• Proficient in Data Loss Prevention and CASB related technologies 
• Deep understanding of NIST CSF Framework
• Excellent communication and presentation skills.
• Detail-oriented with a focus on quality and compliance.
• Someone with the highest ethical standards who can be trusted with the most wide-ranging access to sensitive information

Certifications (Preferred): 

• CEH or equivalent 
• Security + or equivalent 
• CISA (Certified Information Systems Auditor) or equivalent

Creating a diverse and inclusive workplace is one of Motive's core values. We are an equal opportunity employer and welcome people of different backgrounds, experiences, abilities and perspectives. 

Please review our Candidate Privacy Notice here.

The applicant must be authorized to receive and access those commodities and technologies controlled under U.S. Export Administration Regulations. It is Motive's policy to require that employees be authorized to receive access to Motive products and technology. 

#LI-Remote