Director, Information Security

Lucid Software is the leader in visual collaboration, helping teams see and build the future from idea to reality. Our products, business, and workplace culture have received numerous awards, such as being named to the Forbes Cloud 100 and a Fortune Best Workplace in Technology. Lucid is a hybrid workplace, allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team. At Lucid, we hold true to our core values of teamwork over ego, innovation in everything we do, individual empowerment, initiative, and ownership, and passion and excellence in every area. We value diversity and are dedicated to creating an environment that is respectful and inclusive for everyone.

As a Director of Security at Lucid you will be helping to protect corporate assets, including our world-class web applications, employees, and local space. Lucid Software’s security team protects and promotes an environment where business and development can quickly adapt and innovate. We stay abreast of evolving legal and business requirements through cutting-edge technologies and a DevSecOps mindset. Our mission is to protect and support the objectives of the business.

Responsibilities:

• Lead a team of security personnel in their day-to-day duties and responsibilities
• Direct team in the definition, direction and maintenance of the security strategy that provides continual improvements in the security posture of the organization
• Develop security trainings for Lucid employees to ensure that security is prioritized
• Actively use industry standard security benchmarks (e.g. CIS 18) to measure Lucid’s internal risk and control posture
• Actively identify and implement security controls to protect against internal and external threats. Identify weaknesses and areas of opportunities and drive resolution in an appropriate timeframe.
• Design and implement security recommendations for all areas of the business, software applications, and physical controls
• Perform regular internal penetration tests. Coordinate external penetration tests with 3rd party providers
• Capable to provide assistance to all other team members and their day-to-day responsibilities when needed
• Design, implement and monitor compliance with security standards, policies, industry regulations, and customer requirements
• Keep business leadership up-to-date on security trends, anomalies, and concerns
• Lead responses to security incidents and threats

• 7+ years of security experience
• 3+ years of management experience
• 3+ years of working experience within SaaS companies
• Familiarity with security in a cloud environment
• In-depth knowledge of SIEM (Security Information Event Management)
• Familiarity with attack frameworks and mitigation
• Extensive incident response experience

• Familiarity with AWS and or other cloud providers security model (IAM)
• Experience implementing controls for industry standard frameworks (e.g. SOC2, ISO27000, CIS 18, NIST)
• Security Certifications (e.g. CISSP, CEH, GIAC, etc.)
• Passionate for designing and implementing high quality/robust solutions
• Can thrive working in a fast-paced, start-up-like environment
• Detail-oriented, organized, and helpful
• Bias towards finding solutions vs. shutting down ideas

If you’d like to confirm job application information found on other hiring websites, please contact us directly at: [email protected]