Security Analyst II

Lucid is a hybrid workplace. We promote a healthy work-life balance by allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team.Full-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Experience
2-3 years
Required Skills
Compliance

Requirements

  • Bachelor’s degree in information security assurance, business management, or a related field.
  • 2-3 years of experience with third party risk management, GRC, customer due diligence, etc.
  • Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc).
  • Strong organizational skills with the ability to manage tasks independently and meet deadlines.
  • Excellent verbal and written communication skills.
  • Strong interpersonal skills to build positive relationships across technical and non-technical teams.
  • Prior experience working within a modern SaaS environment or cloud-first technology company (preferred).
  • Basic familiarity with cloud application operations (preferred).
  • Prior knowledge of and skill in applying risk management principles and practices (preferred).
  • Certifications such as CRISC, CISSP, CISA, SSCP, CC, Security+, or CySA+ (preferred).
  • Basic understanding of cloud environments (AWS, GCP, or Azure) (preferred).

Responsibilities

  • Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and report on potential vulnerabilities and control gaps.
  • Respond directly to standard vendor security questionnaires and support internal teams in answering security-related questions from prospects.
  • Assist in tracking and collecting evidence for ongoing SOC 2 and ISO 27001 compliance audits.
  • Proactively identify emerging threats and associated risks to existing business processes and corporate assets, and collaborate with senior team members to develop practical security solutions.
  • Coordinate and deliver security awareness training programs to employees.
  • Assure compliance to outside regulations affecting the company.
  • Collect and maintain security and compliance metrics for team dashboards.
  • Partner with Legal, Engineering, IT, Finance, and HR to ensure corporate security policies are understood and followed.
  • Identify operational inefficiencies in existing security controls and help design smoother workflows.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now