Director, Information Security

Lucid Software offers a leading Visual Collaboration Suite that helps teams see and build the future from idea to reality. With its products—Lucidchart, Lucidspark and Lucidscale—teams can align around a shared vision, clarify complexity, and collaborate visually, no matter where they're located. Top businesses use Lucid's products all around the world, including customers such as Google, GE, and NBC Universal. Lucid's partners include industry leaders such as Google, Atlassian, and Microsoft. 

With a fast-growing team of more than 1,000 employees, we are committed to maximizing collaboration and innovation in the workplace through our products and with our people. Lucid is a hybrid, remote-friendly workplace, providing employees the flexibility to work where they are most productive, whether that’s at home, in the office, or a combination of the two. 

We hold true to our core values: innovation in everything we do, passion & excellence in every area, individual empowerment, initiative and ownership, and teamwork over ego. At Lucid, we welcome diversity and are dedicated to creating an environment and culture that is respectful and inclusive for everyone.

Since the company’s founding, Lucid has received numerous global and regional recognitions for its products, business, and workplace culture. These include being named a Fortune Best Workplace in Technology and a 2022 Glassdoor Best Place to Work, inclusion on the Forbes Cloud 100, and placing #19 on G2’s Best Software Products for 2022 list.

As a Director of Security at Lucid you will be helping to protect corporate assets, including our world-class web applications, employees, and local space. Lucid Software’s security team protects and promotes an environment where business and development can quickly adapt and innovate. We stay abreast of evolving legal and business requirements through cutting-edge technologies and a DevSecOps mindset. Our mission is to protect and support the objectives of the business.

Responsibilities:

• Lead a team of security personnel in their day-to-day duties and responsibilities
• Ensure that security staff are trained and stay up-to-speed on the latest security trends
• Develop security trainings for Lucid employees to ensure that security is not an afterthought
• Actively use industry standard security benchmarks (e.g. CIS 18) to measure Lucid’s internal risk and control posture
• Actively identify and implement security controls to protect against internal and external threats
• Design and implement security recommendations for all areas of the business, software applications, and physical controls
• Perform regular internal penetration tests. Coordinate external penetration tests with 3rd party providers
• Design, implement and monitor compliance with security standards, policies, industry regulations, and customer requirements
• Keep business leadership up-to-date on security trends, anomalies, and concerns

• 7+ years of security experience
• 3+ years of management experience
• Familiarity with security in a cloud environment
• In-depth knowledge of SIEM (Security Information Event Management)
• Familiarity with attack frameworks and mitigation
• Extensive incident response experience

• Familiarity with AWS and or other cloud providers security model (IAM)
• Experience implementing controls for industry standard frameworks (e.g. SOC2, ISO27000, CIS 18, NIST)
• Security Certifications (e.g. CISSP, CEH, GIAC, etc.)
• Passionate for designing and implementing high quality/robust solutions
• Can thrive working in a fast-paced, start-up-like environment
• Detail-oriented, organized, and helpful
• Bias towards finding solutions vs. shutting down ideas