Commercial Security Operations Analyst

About the position

Geotab is a global leader in IoT and connected transportation and certified “Great Place to Work™.” We are a company of diverse and talented individuals who work together to help businesses grow and succeed, and increase the safety and sustainability of our communities. Geotab is advancing security, connecting commercial vehicles to the internet and providing web-based analytics to help customers better manage their fleets. Geotab's open platform and Geotab Marketplace®, offering hundreds of third-party solution options, allows both small and large businesses to automate operations by integrating vehicle data with their other data assets. Processing billions of data points a day, Geotab leverages data analytics and machine learning to improve productivity, optimize fleets through the reduction of fuel consumption, enhance driver safety and achieve strong compliance to regulatory changes. Our team is growing and we're looking for people who follow their passion, think differently and want to make an impact. Ours is a fast paced, ever changing environment. Geotabbers accept that challenge and are willing to take on new tasks and activities - ones that may not always be described in the initial job description. Join us for a fulfilling career with opportunities to innovate, great benefits, and our fun and inclusive work culture. Reach your full potential with Geotab.

Responsibilities

• Respond to customer RFPs, security questionnaires, and other inquiries by working closely with internal business units to gather relevant information and provide comprehensive and accurate responses.
• Conduct customer meetings to discuss and address security-related questions, concerns, and requirements.
• Oversee and manage security certifications (ISO27001, SOC2 and other) and audits against the systems, processes, and network infrastructure according to existing security policies and standards.
• Provide information assurance and subject matter expertise as required in support of panels, committees, and working groups.
• Assist with internal security impact analysis tasks and other operational items.
• Generate security requirements documents outlining the solution in business terms, and create clear requirements to enable application development.
• Supplement security requirements with detailed use cases, business process diagrams, wireframes, and workflow diagrams to illustrate business needs and security concerns.
• Develop test cases for new designs to validate the security process and system solution, and execute testing for bug fixes and new capabilities being released.
• Provide analysis of security processes and workflows with suggestions for improvement.

Requirements

• 3 -5 years of required experience in Business analysis experience working with stakeholders within a cross-functional matrix environment.
• Familiarity with information security documentation requirements, certification and accreditation processes, and abreast with general reporting requirements for industry security standards (e.g. ISO 27001, NIST SP 800-53).
• Expertise in common security tool use.
• Project Management experience is a strong plus.
• Demonstrated ability to effectively communicate security-related concepts to both technical and non-technical stakeholders.
• Experience working in cross-functional teams to enhance security posture and drive security initiatives.
• Possess a high-level understanding of security, particularly in the areas of compliance and application security.
• Excellent analytical and writing skills.
• Experience in requirements management, including collecting, documenting, analyzing, tracing, validating, prioritizing and controlling change.
• Experience gathering and preparing level-of-effort estimates, use cases, test cases and plans.
• Able to work well under pressure and respond to fast changing priorities and deadlines.
• Highly organized and able to manage multiple tasks and projects simultaneously.
• Excellent verbal and written communication skills.
• Strong analytical skills with the ability to problem solve well-judged decisions.
• A strong team-player with the ability to engage with all levels of the organization.
• Technical competence using software programs, including, but not limited to, Google Suite for business (Sheets, Docs, Slides).

Nice-to-haves

• Preferred Professional certification (e.g. CISSP, CCSP, CISM) in Information Security from a reputable institution highly valued.

Benefits

• Flex working arrangements
• Home office reimbursement program
• Baby bonus & parental leave top up program
• Online learning and networking opportunities
• Electric vehicle purchase incentive program
• Competitive medical and dental benefits
• Retirement savings program