
Security and Compliance Manager

Since our founding in 2012, we’ve grown quickly and consistently. As our early adopters quickly began to see results, word spread. Today, we’ve grown to be thousands of dealers strong, including hundreds of rooftops under the Nation’s Top 100 Auto Groups. We also partner with OEMs directly, are approved for co-op programs and work with a wide network of resellers.

Lotlinx empowers automobile dealers and manufacturers with data and technology to give the best possible market advantage on every vehicle transaction. Dealers leverage our proprietary platform to identify potential inventory risks and opportunities and to execute VIN-specific strategies, enabling them to move inventory faster and more efficiently while controlling their risk and optimizing their gross profit and PVR. Lotlinx offers a suite of features such as real-time market analysis, inventory management, and precision-targeted vehicle demand data. All of this helps to increase turn, reduce waste, and improve margin.

Lotlinx provides employees with a dynamic work environment that is challenging, team-oriented, and full of passionate people. We offer great incentives to our employees, such as competitive compensation and benefits, flex time off, and career development opportunities.

About Lotlinx
Lotlinx is the best-in-class, AI-powered Inventory Management solution for the automotive industry. Lotlinx uses advanced machine learning technology to help vehicle sellers analyze shopper data, identify high-intent purchasers, and execute inventory-specific strategies to reduce days on lot and improve margin per vehicle.

Job Description

Lotlinx is currently seeking an experienced Security and Compliance Manager to join our dynamic team. In this role, reporting directly to the VP of Product Operations, you will be instrumental in ensuring our adherence to legal standards and internal policies, with a specific emphasis on the convergence of software development, operations, organizational culture, and security.

This position is tailored for individuals with a comprehensive background in compliance, information security, and risk management, who are eager to instigate significant changes in a high-paced environment. As the key point of contact, you will assume responsibility for all facets of cybersecurity and compliance project management – from initiation and planning to execution and monitoring.

This newly established role at Lotlinx offers the autonomy and opportunity to develop and implement processes and frameworks, where you'll have a lasting impact. Success in this role hinges on your ability to build trust, adapt quickly, actively learn, communicate clearly, champion efficiency, and willingly tackle formidable challenges. If you are ready to thrive in a position where you can make a substantial impact while steering your own professional trajectory, we encourage you to apply.

Key Responsibilities

  • Regulatory Compliance Expertise: Act as a subject matter expert for cybersecurity and compliance projects, providing guidance and leadership in adherence to relevant laws and regulations in both Canada and the United States, with a focus on SOC 2.
  • Roadmap Oversight and Governance: Oversee the execution of the cybersecurity roadmap and governance framework, ensuring alignment with compliance standards like SOC 2. Provide progress updates and track changes in the organization's cyber risk and security posture, staying abreast of laws in Canada and the United States such as the California Consumer Privacy Act (CCPA) and the Gramm-Leach-Bliley Act (GLBA).
  • Internal Audits and Risk Assessments: Conduct internal audits and risk assessments, ensuring strict adherence to compliance standards.
  • Cross-Departmental Collaboration: Collaborate with various departments to integrate compliance controls into operational processes, ensuring alignment with legal requirements.
  • Security Activities Planning and Execution: Plan and execute security activities, including cybersecurity awareness training, tabletop exercises, DR tests, penetration tests, etc.
  • Security Event Processes: Establish and execute processes for security events, ensuring timely response, investigation, containment, reporting, and continuous improvement.
  • DevOps Collaboration: Collaborate with DevOps teams to integrate automated security tools into the CI/CD pipeline.
  • Application Security Testing: Perform Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA).
  • Security Scan Results Review: Review security scan results, prioritize vulnerabilities using a risk-based approach, and collaborate with development teams for resolution.
  • Application Architecture Evaluation: Evaluate application architecture for security issues and flaws, addressing concerns such as network security, IAM misconfigurations, encryption, and key management.
  • IAM Effectiveness Assessment: Assess the effectiveness of Identity and Access Management (IAM) controls, access controls, and user management processes.

Qualifications

  • Minimum 3 years of experience in a compliance and/or cybersecurity role, with a preference for those with exposure in the software industry.
  • Bachelor’s degree or equivalent in Information Technology, Cybersecurity, or a related field.
  • Possession of professional certifications related to cybersecurity, compliance, and risk management (e.g., CISM, CISSP, CISA) is considered an asset.
  • Technical and problem-solving skills in the context of IT Service Management (ITSM) or ITIL are considered an asset.
  • Ability to learn and translate technical issues into a business risk context.
  • Demonstrated proficiency in presentations and status reporting.
  • Strong administrative and organizational skills.
  • Talent to promote collaboration between stakeholders, solve problems, achieve objectives, meet schedules, improve efficiencies, exercise good judgment, and communicate clearly.
  • Proven experience in managing compliance within technology and software development environments.
  • Deep understanding of IT security principles, risk management, and product lifecycle.

Lotlinx is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Lotlinx is not currently able to offer sponsorship for employment visa status.

Lotlinx is headquartered in Peterborough, NH, and has locations in Holmdel, NJ, and in Manitoba, Ontario, and British Columbia, Canada, in addition to a large team spanning from the US to Canada.

Our success relies heavily on our customers but also on our dedicated talent, who continuously move our platform forward. We value our employees and their abilities, and seek to foster an open, cooperative, dynamic environment where the team and company alike can thrive.

LotLinx Glassdoor Company Review: 3.3
LotLinx DE&I Review: No rating
CEO of LotLinx: Len Short
We are an automotive inventory marketing technology company that helps dealers sell cars smarter by aligning marketing strategies to sales objectives with unparalleled efficiency and precision.

Date posted: February 4, 2024
