Security & Compliance Analyst

Since our founding in 2012 Lotlinx has consistently pioneered advancements in the automotive landscape. We specialize in empowering automobile dealers and manufacturers by providing cutting-edge data and technology delivering a distinct market advantage for every single vehicle transaction. Today we stand as the foremost automotive AI and machine learning powered technology excelling in digital marketing risk management and strategic inventory management.

Lotlinx provides employees with a dynamic work environment that is challenging team-oriented and full of passionate people. We offer great incentives to our employees such as competitive compensation and benefits flex time off and career development opportunities.

Job Summary

Lotlinx is seeking a Security & Compliance Analyst to serve as the operational engine of our security compliance and incident response programs. This role is a blend of a technical auditor security analyst and operational support specialist. You will be responsible for the continuous monitoring of our environment actioning security alerts and assisting our IT Operations and DevOps teams with the technical implementation of security controls.

The Lotlinx Security Philosophy: We prioritize value-added security over security theater. As an Analyst you are more than a checkeryou are an active participant in securing our stack. You will succeed by leveraging automation to perform technical audits and by providing hands-on support to ensure our security projects are implemented effectively without creating friction for our engineering teams.

Note on Technical Background: This is an operational role that requires a strong Information Technology background. You must understand how systems MDM and identity providers function at a technical level to accurately verify controls triage alerts and assist in technical projects. Candidates who can look under the hood to implement security settings and resolve alerts will be highly successful.

Key Responsibilities

• Security Alert Triage & Actioning: Serve as a first responder for security alerts generated by our defensive stack. You will investigate triage and action security events coordinating with IT Operations DevOps and external partners to ensure rapid containment and remediation.
• Collaborative Control Implementation: Actively assist IT Operations and DevOps teams with the technical implementation of security controls. This includes assisting with the configuration of MDM policies hardening cloud infrastructure settings and supporting the rollout of new security tools and features.
• Security Project Support: Provide technical and administrative support for departmental security projects. You will help manage the execution phase of security initiatives ensuring that technical milestones are met and that implementations align with our SOC 2 and CCPA requirements.
• Continuous Technical Auditing: Perform regular automated audits of our security controls within Secureframe. You will verify that technical configurations across Windows macOS and Linux endpoints meet our established security baselines.
• Automated IAM & Lifecycle Monitoring: Manage the technical verification of our identity perimeter via Okta. Monitor the Joiner-Mover-Leaver process and use automation to ensure that access lifecycles and permissions are handled correctly remediating any anomalies identified.
• Vulnerability Tracking & Remediation Support: Assist in the management of our vulnerability management program. You will track items in the Risk Register and work closely with DevOps and IT Operations to ensure remediation tasks are technically defined and executed according to business priority.
• Evidence Lifecycle Management: Lead the collection and validation of technical audit evidence. You will ensure that our compliance platform is continuously populated with high-quality evidence minimizing manual data gathering during formal audit windows.
• Security Activities Coordination: Support the planning and execution of security activities including the administration of cybersecurity awareness training assisting in disaster recovery (DR) tests and helping to coordinate annual penetration tests and tabletop exercises.

Qualifications

• Experience: 3-5 years in IT Operations Security Analysis or IT Audit. Experience as a first responder for security alerts is a significant asset.
• Pragmatic Mindset: A demonstrated ability to approach compliance and operations with a common-sense lens focusing on controls that provide actual security value and maintain engineering velocity.
• Technical Skills: Strong familiarity with identity management endpoint security and cloud-native SaaS environments.
• Operational Agility: The ability to pivot between auditing tasks and hands-on technical support for IT/DevOps projects.
• Education: Bachelors degree in a technical field or equivalent professional experience.
• Automation & AI Mindset: A strong desire to leverage AI tools to automate alert triage replace manual audit tasks and streamline compliance workflows.

The salary range for this position is $75000 - $84000 CAD with an annual target bonus.

Lotlinx provides a comprehensive benefits package.

This job posting is for an existing vacancy.

Lotlinx is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion gender gender identity or expression sexual orientation national origin genetics disability age or veteran status.

Lotlinx is not currently able to offer sponsorship for employment visa status.

Lotlinx is headquartered in Peterborough NH and has locations in Holmdel NJ Manitoba Ontario and British Columbia Canada in addition to a large team spanning from the US to Canada.

Our success relies heavily on our customers but also our dedicated talent that continuously moves our platform forward. We value our employees their abilities and seek to foster an open cooperative dynamic environment where the team and company alike can thrive.