GRC and Security Analyst

Lucidya

Job Overview

Location

Remote

Employment Type

Full-time

Work Arrangement

Remote

Sector

Information Technology & Software

Experience Level

Junior (1-3 years)

Application Deadline

June 21, 2026

About the Company

Lucidya is a pioneering AI-native Customer Experience Intelligence platform dedicated to empowering enterprises. We enable businesses to deeply understand, effectively engage, and consistently retain their customers at scale.

As a rapidly expanding startup, security, compliance, and trust are fundamental pillars of our growth strategy. We are recognized by the World Economic Forum as one of the most promising startups in the MENA region, with an HQ in Riyadh and a global presence.

Our mission is to leverage AI, Machine Learning, and big data technologies to help businesses in the MENA region excel in serving their customers through our cutting-edge Media & Customer Intelligence products. We are funded by reputable investors and are scaling rapidly to meet the increasing demand for our innovative solutions.

Job Description

Lucidya is an AI-native Customer Experience Intelligence platform empowering enterprises to understand, engage, and retain customers at scale. As we expand, security, compliance, and trust are at the core of our growth strategy.

To support this expansion, we are strengthening our security organization and are looking for a Security Analyst to play a key role in bridging GRC, security engineering, and global compliance efforts.

As Lucidya grows internationally, maintaining strong security controls and achieving global compliance certifications is mission-critical. This role will directly contribute to implementing and achieving security compliance frameworks, ensuring Lucidya meets the highest standards of data protection and information security.

You’ll work at the intersection of GRC and Security Engineering, supporting compliance initiatives, strengthening internal controls, and enabling secure product development across cross-functional teams.

Required Skills

  • ISO/IEC 27001
  • ISO/IEC 42001
  • NIST
  • US data privacy regulations
  • API security
  • Python
  • Bash
  • CI/CD pipelines
  • SOC 2
  • GDPR

Key Responsibilities

  • Work closely with GRC and Security Engineering teams to support security, privacy, and compliance initiatives across Saudi Arabia, Qatar, international regions, and the U.S. market
  • Assist in the implementation and ongoing maintenance of ISO/IEC 27001, ISO/IEC 42001 (AI Management Systems), NCA and SOC 2 controls
  • Support U.S. market migration efforts by helping align security and compliance practices with SOC 2, NIST frameworks, and U.S. data privacy requirements
  • Contribute to regional data protection compliance activities, including KSA PDPL, Qatar PDPL, and U.S. state privacy laws, under guidance from senior team members
  • Participate in the creation, update, and maintenance of security, privacy, and AI governance policies, procedures, and control documentation
  • Help with document control, evidence collection, and audit readiness for internal reviews, customer assessments, and external audits
  • Work cross-functionally with engineering, product, and operations teams

Qualifications

  • 2 - 4 years of experience in a similar Security Analyst / GRC role
  • Experience working with US-based SaaS companies
  • Strong understanding of AI and US compliance frameworks: ISO/IEC 42001, NIST, US data privacy regulations
  • Experience in B2B SaaS environments
  • ISO/IEC 27001, ISO/IEC 42001 implementation knowledge (Implementer certification preferred)
  • SOC 2 understanding
  • NCA understanding and practical experience
  • GDPR knowledge is a plus
  • Penetration testing & vulnerability assessment knowledge
  • API security & integrations
  • Basic scripting (Python, Bash)
  • Code review support for deployments (automated tools)
  • Security reviews of CI/CD pipelines
  • Ruby / Rails code review experience is highly advantageous
  • CISM (preferred)
  • ISO/IEC 24001 Lead Implementer (mandatory)
  • ISO/IEC 27001 Lead Implementer (mandatory)
  • Excellent professional documentation skills
  • Strong organizational and follow-up abilities
  • Experience with document control and audit evidence
  • Ability to work effectively across distributed, cross-functional teams
  • Prior remote work with US-based teams (Nice-to-Have)
  • Experience supporting global compliance programs (Nice-to-Have)
  • Hands-on involvement in multiple certification cycles (Nice-to-Have)

Benefits & Perks

  • Opportunity to influence and enhance Lucidya’s governance, risk, and compliance practices at scale.
  • Contribute to strengthening security controls, driving compliance initiatives, and mitigating organizational risk.
  • Support a culture of security across the company.

How to Apply

To apply for this role, click the Apply button on this page and follow the instructions.

In the rapidly evolving landscape of AI-driven customer experience, robust security and compliance are paramount for global expansion. This role demands expertise in areas like ISO 27001, ISO 42001, NIST frameworks, and data privacy regulations. As a GRC and Security Analyst, you will significantly impact Lucidya's ability to achieve international compliance certifications and maintain the highest standards of data protection. Your contributions will directly support secure product development and bolster customer trust, driving business growth and safeguarding our AI-native platform.

Posted Date

June 7, 2026