GenLogs is a transportation-technology company building the next generation of truck intelligence. Through a nationwide network of sensors and proprietary data, we deliver real-time, high-fidelity insights into freight movement for commercial supply-chain customers and public-sector agencies. Our mission is to strengthen America’s logistics backbone, combat freight fraud and cargo theft, and provide near-instantaneous visibility into commercial motor vehicle activity across major freight corridors. By operating at the intersection of edge sensing, computer vision, AI-driven analytics, and large-scale field deployment, GenLogs is transforming how transportation data is captured, secured, and commercialized.

ROLE OVERVIEW

GenLogs is a rapidly scaling information and intelligence company and our data, systems, and operational continuity are essential assets.

We are hiring a Head of Information Security (CISO) to design, own, and continuously evolve GenLogs’ security program. This is a senior, independent security leadership role with direct C-suite access, explicit authority to challenge engineering and DevOps decisions, and responsibility for defining what must be secured first, next, and later—under real-world resource constraints.

This role is not incident-response-heavy, red-team focused, or tool-driven. We are looking for a programmatic, strategic security leader who has built security from an advanced startup stage, understands how threats evolve faster than org charts, and knows how to set the tone of requirements without a large team.

WHAT YOU’LL DO

Own the Security Program — End to End

• Design and own GenLogs’ company-wide information security strategy
• Define the security roadmap under constrained resources
• Set enforceable security requirements across engineering, operations, and corporate IT
• Maintain independence from DevOps while collaborating closely with them
• Serve as the final authority on security risk acceptance

Identify and Protect Existential Assets (Day-Zero Focus)

• Identify GenLogs’ critical Tier 0 assets (data, systems, credentials, infrastructure)
• Immediately prioritize:
• • Identity & Access Management
  • Data backup and recovery strategy
  • Privileged access controls
  • Credential hygiene
• Define “company does not survive if this fails” scenarios and controls

Identity, Access, and Insider Threat Control

• Own IAM strategy across all systems
• Enforce least-privilege, role-based access, MFA, and privileged access reviews
• Secure onboarding and offboarding as an insider-threat control mechanism
• Reduce blast radius of credential compromise
• Implement access governance with minimal friction

Endpoint, Device, and MDM Security

• Secure all endpoints: laptops, mobile devices, and relevant field equipment
• Own device inventory, encryption standards, patching cadence, and MDM enforcement
• Define acceptable risk for BYOD vs managed devices
• Address data exfiltration risks at the endpoint layer

Incident Readiness (Not Firefighting)

• Define what incident response looks like before it happens
• Establish:
• • Incident response playbooks
  • Executive decision trees
  • Secure communication paths
• Establish and manage an external incident-response retainer

Phased Security Roadmap

• Build and maintain a phased execution plan
• Revisit and adjust priorities as threats, company scale, and customer exposure change
• Ensure security is always being built, never “finished”

SOC 2 Ownership (Means, Not the End)

• Own SOC 2 end-to-end:
• • Policies
  • Controls
  • Evidence
  • Auditor relationship
• Treat SOC 2 as baseline hygiene, not the finish line
• Ensure compliance does not degrade operational velocity

Monitoring, Vulnerability Awareness, and Signal

• Ensure monitoring exists for:
• • Critical systems
  • High-risk access
  • Material security events
• Track and respond to critical vulnerability disclosures
• Focus on signal over noise—not tool sprawl

Executive Communication & Political Acumen

• Brief the C-suite clearly on:
• • Risk
  • Tradeoffs
  • Consequences
• Advocate for security requirements in budget and roadmap discussions
• Push back when necessary—with credibility and clarity
• Translate technical threats into business risk

Government and Sensitive-Data Readiness

• Position GenLogs for more sensitive enterprise and government work
• Establish policies aligned with higher-assurance environments (without premature over-compliance)
• Understand frameworks such as NISPOM at a practical level
• Ensure early architectural decisions do not disqualify future opportunities

PREFERRED QUALIFICATIONS

• Built or materially evolved a security program at a scaling startup
• Experience prioritizing security under limited resources
• Broad knowledge of cybersecurity programs in dynamic environments
• Comfortable owning outcomes, not just advising
• Strong judgment, executive presence, and political capability
• May have engineering roots, but thinks in programs and risk, not tickets

US SALARY RANGE

GenLogs establishes compensation based on role, level, experience, and location. Salary bands are benchmarked against high-growth technology companies and adjusted for market conditions. Equity grants are included in most full-time offers to ensure every team member participates in the company’s long-term value creation. A recruiter will provide a precise range during the hiring process.

BENEFITS

Healthcare

• Employer-covered comprehensive medical, dental, and vision plans
• Employer contribution towards premiums of optional higher-end plans

Time Off

• Unlimited PTO
• Sick leave
• Company holidays (GenLogs observes all US Government holidays)
• Flexible leave for caregiving and medical needs

Family Support

• Paid parental leave

Professional Development

• Budget availability for approved professional development courses, certifications, and training

Travel Support

• 100% travel reimbursement for all approved company travel and spending

Retirement Savings

• 401(k) plan

A recruiter can provide more detail about the specific compensation and benefits associated with this role.