GRC and Security Analyst
Lucidya
This job listing has expired
Job Overview
Location
Remote
Employment Type
Full-time
Work Arrangement
Remote
Sector
Information Technology & Software
Experience Level
Junior (1-3 years)
About the Company
Lucidya is a pioneering AI-native Customer Experience Intelligence platform designed to empower enterprises in understanding, engaging, and retaining customers at scale. As a rapidly growing SaaS startup, Lucidya leverages AI, Machine Learning, and big data technologies to provide cutting-edge Media & Customer Intelligence products, particularly for the MENA region.
With a global presence, including headquarters in Riyadh and offices worldwide, Lucidya is backed by reputable investors and is experiencing significant expansion. The company is committed to maintaining the highest standards of security, compliance, and trust as it grows internationally, making these areas core to its strategic development.
Job Description
Lucidya is at the forefront of AI-driven Customer Experience Intelligence, empowering enterprises to deeply understand, effectively engage, and consistently retain their customers. As our global footprint expands, the integrity of our security, compliance, and data protection measures is paramount to our continued success and growth.
To bolster our commitment to security and trust, we are seeking a dedicated GRC and Security Analyst. This role is crucial for bridging the gap between Governance, Risk, and Compliance (GRC) and Security Engineering, playing a key role in implementing and maintaining robust security frameworks and achieving international compliance certifications.
You will be instrumental in ensuring Lucidya meets the highest standards of data protection and information security. By working at the intersection of GRC and Security Engineering, you will support compliance initiatives, strengthen internal controls, and enable secure product development across our diverse, cross-functional teams.
Required Skills
Key Responsibilities
- Work closely with GRC and Security Engineering teams to support security, privacy, and compliance initiatives across Saudi Arabia, Qatar, international regions, and the U.S. market.
- Assist in the implementation and ongoing maintenance of ISO/IEC 27001, ISO/IEC 42001 (AI Management Systems), NCA, and SOC 2 controls.
- Support U.S. market migration efforts by helping align security and compliance practices with SOC 2, NIST frameworks, and U.S. data privacy requirements.
- Contribute to regional data protection compliance activities, including KSA PDPL, Qatar PDPL, and U.S. states privacy laws, under guidance from senior team members.
- Participate in the creation, update, and maintenance of security, privacy, and AI governance policies, procedures, and control documentation.
- Help with document control, evidence collection, and audit readiness for internal reviews, customer assessments, and external audits.
- Work cross-functionally with engineering, product, and operations teams.
Qualifications
- 2 - 4 years of experience in a similar Security Analyst / GRC role.
- Experience working with US-based SaaS companies.
- Strong understanding of AI and US compliance frameworks: ISO/IEC 42001, NIST, US data privacy regulations.
- Experience in B2B SaaS environments.
- ISO/IEC 27001, ISO/IEC 42001 implementation knowledge (Implementer certification preferred).
- SOC 2 understanding.
- NCA understanding and practical experience.
- GDPR knowledge is a plus.
- Penetration testing & vulnerability assessment knowledge.
- API security & integrations.
- Basic scripting (Python, Bash).
- Code review support for deployments (automated tools).
- Security reviews of CI/CD pipelines.
- Ruby / Rails code review experience is highly advantageous.
- CISM (preferred).
- ISO/IEC 24001 Lead Implementer (mandatory).
- ISO/IEC 27001 Lead Implementer (mandatory).
- Excellent professional documentation skills.
- Strong organizational and follow-up abilities.
- Experience with document control and audit evidence.
- Ability to work effectively across distributed, cross-functional teams.
- Prior remote work with US-based teams (Nice-to-Have).
- Experience supporting global compliance programs (Nice-to-Have).
- Hands-on involvement in multiple certification cycles (Nice-to-Have).
Benefits & Perks
- Opportunity to influence and enhance Lucidya’s governance, risk, and compliance practices at scale.
- Contribute to strengthening security controls, driving compliance initiatives, and mitigating organizational risk.
- Support a culture of security across the company.
The cybersecurity landscape is rapidly evolving, with AI-driven threats demanding sophisticated defense mechanisms. As Lucidya scales globally, ensuring robust security, compliance, and data protection is paramount. This role is pivotal in integrating GRC principles with security engineering, directly impacting the company's ability to meet international standards and safeguard customer trust. You will be instrumental in implementing and maintaining critical compliance frameworks, such as ISO/IEC 27001 and ISO/IEC 42001, and supporting adherence to regulations like SOC 2 and various data privacy laws. Your contributions will enable secure product development and foster a culture of security across the organization, directly influencing business ROI through enhanced trust and reduced risk.
Posted Date
May 19, 2026