← back to jobs
> job detail
L
👽Other

Security Analyst II

Lucid Software · Raleigh, NC
// classified as
Other (Adjacent or hard to classify.)
posted
1d ago
location
Raleigh, NC
languages
tools
aws
> stack
aws
> description
<p><span style="font-size: 12pt;">Lucid Software is the leader in visual collaboration and work acceleration, helping teams see and build the future by turning ideas into reality. Our products include the Visual Collaboration Suite (Lucidchart and Lucidspark) and airfocus. We hold true to our core values: innovation in everything we do, passion &amp; excellence in every area, individual empowerment, initiative and ownership, and teamwork over ego. At Lucid, we value diverse perspectives and are dedicated to creating an environment and culture that is respectful and inclusive for everyone. Lucid is a hybrid workplace. We promote a healthy work-life balance by allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team.</span></p> <p><span style="font-size: 12pt;">Since the company’s founding, Lucid Software has received numerous global and regional recognitions for its products, business, and workplace culture. These include being listed to the Forbes Cloud 100, Fast Company Most Innovative Companies, Fortune Best Workplaces in Technology, and PEOPLE’s Companies that Care. Lucid’s solutions are used by more than 100 million users across the globe, making Lucid the most used visual collaboration platform by the Fortune 500. Our customers include Google, GE, and NBC Universal, and we partner with leaders such as Google, Atlassian, and Microsoft.&nbsp;</span></p> <p><span style="font-size: 12pt;">As a Security Analyst at Lucid Software, you will protect our corporate assets,world-class web applications, and employees. You will focus on the execution of day-today Security Assurance operations, third-party risk assessments, customer trust, and support GRC (Governance, Risk, and Compliance) operations. Lucid Software’s security team fosters an environment where business and development can quickly adapt and innovate. We stay abreast of evolving security, legal, and business requirements through a risk and compliance mindset. Our mission is to protect and support the objectives of the business.</span></p> <p><span style="font-size: 12pt;"><strong>Responsibilities:</strong></span></p> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and report on potential vulnerabilities and control gaps.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Respond directly to standard vendor security questionnaires and support internal teams (i.e. Sales, Customer Success, etc.) in answering security-related questions from prospects.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Assist in tracking and collecting evidence for ongoing SOC 2 and ISO 27001 compliance audits.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Proactively identify emerging threats and associated risks to existing business processes and corporate assets, and collaborate with senior team members to develop practical security solutions.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Coordinate and deliver security awareness training programs to employees to foster a strong security culture.&nbsp;</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Assure compliance to outside regulations affecting the Company</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Collect and maintain impactful security and compliance metrics for team dashboards.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Partner with Legal, Engineering, IT, Finance, and HR to ensure corporate security policies are understood and followed.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Identify operational inefficiencies and areas for improvement in our existing security controls, and help design smoother workflows.</span></li> </ul> <p><span style="font-size: 12pt;"><strong>Requirements:</strong></span></p> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Bachelor’s degree in information security assurance, business management, or a related field</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">2-3 years of experience with third party risk management, GRC, customer due diligence, etc.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc). Strong organizational skills with the ability to manage tasks independently and meet deadlines with minimal oversight on daily routines.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Excellent verbal and written skills; comfortable translating security concepts into clear documentation.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Strong interpersonal skills with a track record of building positive relationships across non-technical teams (like Legal, HR, Finance) and technical teams (like IT and Engineering) to resolve security risks collaboratively.</span></li> </ul> <p><span style="font-size: 12pt;"><strong>Preferred Qualifications:</strong></span></p> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Prior experience working within a modern SaaS environment or cloud-first technology company, with a basic familiarity of how cloud applications operate.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Prior knowledge of and skill in applying risk management principles and practices</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">One or more preferred Certification(s): CRISC, CISSP, CISA, SSCP, CC, Security+, CySA+, etc.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Basic understanding of cloud environments (AWS, GCP, or Azure).</span></li> </ul> <p><span style="font-size: 12pt;">#LI-DA1</span></p>