Lucid Software is a leader in visual collaboration, helping teams see and build the future from idea to reality. With our products—Lucidchart, Lucidspark and Lucidscale—teams can align around a shared vision, clarify complexity, and collaborate visually, no matter where they're located. Our products, business and workplace culture have received numerous global and regional recognitions, such as being included on the Forbes Cloud 100 and being named a Fortune Best Workplace in Technology. Lucid is a hybrid, remote-friendly workplace, providing employees the flexibility to work where they are most productive. Our employees embody our four core values of teamwork over ego, innovation in everything we do, individual empowerment, initiative, and ownership, and passion and excellence in every area.
As a Security Engineer at Lucid, you will be helping to protect Lucid’s corporate assets, including our world-class web applications and employees. Lucid Software’s security team fosters an environment where business and development can quickly adapt and innovate. We stay abreast of evolving legal and business requirements through a risk and compliance mindset. Our mission is to protect and support the objectives of the business.
Responsibilities:
- Design, implement, and maintain security controls for Lucid's information systems for applications, platforms, and infrastructure, including implementation of vendor POCs.
- Evaluate security technologies and configuration for business tools.
- Train IT staff on correct security practices and configuration.
- Actively participate in local and remote team-building activities and exercises.
- Promote and exemplify Lucid’s core values.
- Proactively Identify threats and opportunities for improvements in security controls and processes.
- Work with other teams such as Legal, Engineering, IT, Finance, and HR to identify potential threats to critical business assets.
- Assist with developing, maintaining, and coordinating security and compliance training.
- Implements and enhances compliance programs and routines.
- Perform risk assessments, document results, and provide detailed updates to stakeholders.
- Manage assigned risks including the collection of risk-related security metrics.
Requirements:
- Familiarity with security logging best practices and solutions.
- Intermediate or greater understanding of common web application security controls.
- Base understanding of AWS common infrastructure components.
- Understanding of common Identity Management controls and solutions such as Active Directory and Okta.
- Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc).
- Ability to manage tasks to meet deadlines.
- Ability to read and write technical text.
- Able to work effectively across several different internal teams.
- Understanding of common risk analysis methodologies.
- Excellent verbal and written skills with great attention to details.
Preferred Qualifications:
- 1+ years experience with security controls in business systems (e.g., Google Workspaces, Anti-malware, Okta, etc.).
- CIS 18 Security Control Framework experience
- General knowledge of and skill in applying risk management principles and practices
- Security-related certification(s) (e.g., Security+, Networking+, CISSP, OSCP, CISM, or CRISC)
- Bachelor’s degree in a related field
- Understanding of common endpoint controls such as Jamf, InTune, and Chef.
If you’d like to confirm job application information found on other hiring websites, please contact us directly at: talentacquisition@lucid.co
#LI-NJ1 #LI-Remote