Security Analyst II
L
Lucid SoftwareSoftware
Lucid is a hybrid workplace. We promote a healthy work-life balance by allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team.Full-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 2-3 years
- Required Skills
- Compliance
Requirements
- Bachelor’s degree in information security assurance, business management, or a related field.
- 2-3 years of experience with third party risk management, GRC, customer due diligence, etc.
- Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc).
- Strong organizational skills with the ability to manage tasks independently and meet deadlines.
- Excellent verbal and written communication skills.
- Strong interpersonal skills to build positive relationships across technical and non-technical teams.
- Prior experience working within a modern SaaS environment or cloud-first technology company (preferred).
- Basic familiarity with cloud application operations (preferred).
- Prior knowledge of and skill in applying risk management principles and practices (preferred).
- Certifications such as CRISC, CISSP, CISA, SSCP, CC, Security+, or CySA+ (preferred).
- Basic understanding of cloud environments (AWS, GCP, or Azure) (preferred).
Responsibilities
- Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and report on potential vulnerabilities and control gaps.
- Respond directly to standard vendor security questionnaires and support internal teams in answering security-related questions from prospects.
- Assist in tracking and collecting evidence for ongoing SOC 2 and ISO 27001 compliance audits.
- Proactively identify emerging threats and associated risks to existing business processes and corporate assets, and collaborate with senior team members to develop practical security solutions.
- Coordinate and deliver security awareness training programs to employees.
- Assure compliance to outside regulations affecting the company.
- Collect and maintain security and compliance metrics for team dashboards.
- Partner with Legal, Engineering, IT, Finance, and HR to ensure corporate security policies are understood and followed.
- Identify operational inefficiencies in existing security controls and help design smoother workflows.
View Full Description & ApplyYou'll be redirected to the employer's site