Director, Information Security
Who we are:
Motive builds technology to improve the safety, productivity, and profitability of businesses that power the physical economy. Motive combines IoT hardware with AI-powered applications to connect and automate physical operations. Motive is one of the fastest-growing software companies in the world, serving more than 120,000 businesses, across a wide range of industries including trucking and logistics, construction, oil and gas, food and beverage, field service, agriculture, passenger transit, and delivery.
Motive is built on four foundational attributes; Own It, Less but Better, Build Trust, and Unlock Potential. This has taken our company to great heights, including being recognized by Fortune for Best Workplaces, Forbes Best Startup Employers, and Comparably for our Best Global Culture, Sales Team, Leadership Team, Career Growth, and CEO for Diversity. We’re proud to receive an employee net promoter score of 63 (according to Comparably) which places Motive in the top 5% of companies with 4,000 employees or more.
Today, our team is made up of more than 3,000 employees, located across the world, providing support to a wide range of customers. While most of our employees are remote, many have the opportunity to work on-site at any of our 8 global office locations. Visit our careers website to learn more about opportunities at Motive.
About the Role:
The Director of Information Security is a hands-on position reporting to the VP of Information Security, working with VPs and Executives.
What You'll Do:
- Responsible for managing SOC 2, SOX ITGC and PCI attestations for SaaS based solutions and improving controls based on your feedback and expertise, introducing new best practices and processes to service a fast-growing SaaS organization.
- Responsible for security technology and planning, multi-year roadmap development and execution, assist in developing security capabilities and processes while striking the right balance between risk management and operational efficiency
- Support the VP of InfoSec as a liaison on cybersecurity and privacy matters, including prioritization of risk remediation, risk quantification, and communication of risk decisions in a way that drives business value
- Develop and lead risk treatment directives and report on cybersecurity program progress and risk decisions to business stakeholders
- Possess a strong ability to influence and engage effectively with stakeholders across different functions, demonstrating skill and the talent to Information Security goals across the organization
- Deep understanding of IAM Security, Endpoint Protection, Vulnerability Management and Email Security program management strategy and governance to ensure alignment with standards and zero trust principles
- Manage 3rd party SaaS security reviews as part of the vendor management program
- Optimize security functional domains and operations, coordinate the preparation of cybersecurity resiliency plans to respond to cybersecurity and privacy breaches
- Support VP of InfoSec and provide direct oversight for KPI development, security effectiveness and efficiency plans
- Assist and manage the cybersecurity spend budget, service provider performance and relationship management
- Identify, evaluate, and manage innovations, tooling, and technologies to improve the security and compliance program
- Liaises with the Product Security, enterprise architecture, AWS infrastructure and engineering teams to build alignment, thus ensuring that information security requirements are being met
- Lead the response to security incidents, coordinating efforts to minimize the impact and recover from any breaches
- Improve incident Management operational capabilities and underlying Security Information and Event Monitoring (SIEM) capabilities for effective monitoring and response capabilities.
What We're Looking For:
- At least 8+ years of multifaceted security leadership and management experience in a pre-IPO and publicly held company environment
- Demonstrated experience applying security and risk frameworks, and regulations such as NIST CSF/800-53, AICPA SOC criterias, ISO 27001, CIS, OWASP, CSA, etc.
- Up to date and in-depth knowledge of cybersecurity technologies and trends, threat landscape, risk attribution and risk management in a complex global environment.
- Experience in Zero Trust Architecture, Mobile Device Management (MDM) , Endpoint detection and Response (EDR), AWS security controls, data security, risk management, security readiness backed with AI, OKTA Identity Access Management, Security Information and Event Monitoring (SIEM), Business resumption and contingency planning, cyber incident, and crisis management, etc.
- Experience managing strategic planning, budgeting, and resource management.
- Experience performing threat modeling and design reviews to assess security implications and requirements
- Highly motivated with an exceptional work ethics, problem solving skills, and demonstrated track record of influencing senior leaders and working with peers cross-functionally.
- One or more security certifications including CISSP, CISM, CCSP, CRISC, CISA
Your compensation may be based on several factors, including education, work experience, and certifications. For certain roles, total compensation may include restricted stock units. Motive offers benefits including health, pharmacy, optical and dental care benefits, paid time off, sick time off, short term and long term disability coverage, life insurance as well as 401k contribution (all benefits are subject to eligibility requirements). Learn more about our benefits by visiting Motive Perks & Benefits
Creating a diverse and inclusive workplace is one of Motive's core values. We are an equal opportunity employer and welcome people of different backgrounds, experiences, abilities and perspectives.
Please review our Candidate Privacy Notice here.
The applicant must be authorized to receive and access those commodities and technologies controlled under U.S. Export Administration Regulations. It is Motive's policy to require that employees be authorized to receive access to Motive products and technology.