esign, implement, and maintain security controls for Lucid's information systems for applications, platforms, and infrastructure, including implementation of vendor POCs. Evaluate security technologies and configuration for business tools. Train IT staff on correct security practices and configuration. Actively participate in local and remote team-building activities and exercises. Promote and exemplify Lucid’s core values. Proactively Identify threats and opportunities for improvements in security controls and processes. Work with other teams such as Legal, Engineering, IT, Finance, and HR to identify potential threats to critical business assets. Assist with developing, maintaining, and coordinating security and compliance training. Implements and enhances compliance programs and routines. Perform risk assessments, document results, and provide detailed updates to stakeholders. Manage assigned risks including the collection of risk-related security metrics.Familiarity with security logging best practices and solutions. Intermediate or greater understanding of common web application security controls. Base understanding of AWS common infrastructure components. Understanding of common Identity Management controls and solutions such as Active Directory and Okta. Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc). Ability to manage tasks to meet deadlines. Ability to read and write technical text. Able to work effectively across several different internal teams. Understanding of common risk analysis methodologies. Excellent verbal and written skills with great attention to details.1+ years experience with security controls in business systems (e.g., Google Workspaces, Anti-malware, Okta, etc.). CIS 18 Security Control Framework experience General knowledge of and skill in applying risk management principles and practices Security-related certification(s) (e.g., Security+, Networking+, CISSP, OSCP, CISM, or CRISC) Bachelor’s degree in a related field Understanding of common endpoint controls such as Jamf, InTune, and Chef.