Sr. Manager, Security Analytics

Salt Lake, UT - USA

Monthly Salary: Not Disclosed

Posted on: 12 hours ago

Vacancies: 1 Vacancy

Job Summary

Lucid Software is the leader in visual collaboration and work acceleration helping teams see and build the future by turning ideas into reality. Our products business and workplace culture have received numerous awards such as being named to the Forbes Cloud 100 and a Fortune Best Workplace in Technology. Lucid is a hybrid workplace allowing employees to work remotely from one of our offices or a combination of the two depending on the needs of the role and team. At Lucid we hold true to our core values of teamwork over ego innovation in everything we do individual empowerment initiative and ownership and passion and excellence in every area. We value diverse perspectives and are dedicated to creating an environment that is respectful and inclusive for everyone.

We are looking for a motivated Sr. Manager for Lucids Security Analytics who will manage Lucids Trust & Enablement and GRC teams. This manager will be accountable for monitoring and proving Lucids compliance with our existing certifications coordinating customer-facing security interactions (e.g. security calls customer questionnaires and customer audits) and maintaining Lucid security policies.

Responsibilities:

Security Analytics Team Leadership: Responsible for direct reports including weekly 1:1s OKR/KPI planning performance growth and team growth plan.
Contract Reviews: Partner with Legal to review external contracts for security compliance.
Vendor Management: Own and drive relationships with third-party vendors.
Lead implementation of security controls: Take charge of implementing and enhancing information security controls particularly focusing on SOC2 ensuring alignment with laws regulations industry standards (e.g. GDPR ISO27001) and business requirements.
FedRAMP Program Management: Provide strategic managerial support and ensure compliance for our ongoing FedRAMP Authorization program.
Monitor and investigate security issues: Oversee the monitoring investigation and resolution of issues creating reports conducting security assessments and driving security programs across the organization.
Manage SaaS product security technologies: Supervise the implementation and management of security technologies related to our SaaS product.
Support in client interactions: Assist departments with information security-related questions during proposal and negotiation processes with potential clients/customers.
Drive security awareness: Develop and deliver security awareness and training programs to educate employees on best practices fostering a strong security culture.
Conduct security assessments: Perform regular security assessments and audits to identify gaps in the companys security posture recommending and driving remediation actions.
Ensure device compliance: Take ownership of company device management to maintain compliance with regulations and industry standards.

Requirements:

5 years of relevant experience working with information security management systems including risk assessment threat management and incident response.
2 years of people leadership experience
Relevant academic background: Bachelors or Masters degree in IT security information systems computer science technology management or a similar field or equivalent apprenticeship experience with foundational knowledge of information security-related topics.
Understanding of SaaS security: Strong grasp of the security challenges and solutions for modern cloud-based SaaS providers.
Problem-solving mindset: Passionate about combining robust security with the fast-paced environment of SaaS product management.
Project management skills: Self-driven project manager familiar with the workstreams of ISO 27001 and SOC 2 certification processes.
Technical security knowledge: Strong understanding of modern web application architecture (e.g. OWASP Top 10) cloud hosting technologies (e.g. Kubernetes infrastructure as code) and best practices for securing these environments.
Strong interpersonal skills: Ability to communicate effectively with colleagues and customers at all levels building strong relationships with various stakeholders.

Preferred Qualifications:

Possession of a CISA CISM CISSP or CRISC certification(s) is a strong plus.

Understanding of common security frameworks and principles (e.g. NIST 800-53 ISO 27001 SOC 2 FedRAMP etc).
Understanding of common risk analysis methodologies (e.g. OCTAVE FAIR NIST 800-30).
Practical audit management experience (auditor-facing and customer-facing).
Previous experience managing customer-facing teams.

#LI-DA1

Required Experience:

Manager