SecOps Analyst

Leading the future in luxury electric and mobility

At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.

We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.

Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

Role: SecOps Analyst

The Cyber Security & Compliance team is looking for a SecOps Analyst to join the team.

Role:

    • Review the security incident queue daily and close alerts and incidents.
    • Manage incident response activities as per Lucid IRP (Incident Response Plan) including scoping, communication, reporting, and long-term remediation planning.
    • Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
    • Coordinate investigation, containment, and other response activities with business stakeholders and groups.
    • Provide mentoring of junior staff and serve as point of escalation for higher severity incidents.
    • Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
    • Recommend or develop new detection logic and tune existing sensors / security controls.
    • Work with security solution owners to assess existing security solutions' ability to detect / mitigate the abovementioned TTPs.
    • Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the company network.

Forensics and Incident Response:

    • Serve as escalation point for conducting investigations into security incidents involving advanced and sophisticated threat actors and TTPs.
    • Assist in performing forensic collection and analysis of electronic assets, devices, and log sources.

Threat Hunting:

    • Identify, collect, and analyze threat intelligence from internal and external sources and teams.
    • Develop hypotheses, analyze techniques, and execute hunts to identify threats across the environment.
    • Interface with security teams and business stakeholders to implement countermeasures and improve defenses.

SIEM / UEBA Analysis and Reporting:

    • Utilize SIEM/UEBA to identify abnormal activity and extract meaningful insights.
    • Research, develop, and enhance content within SIEM, EDR, UEBA and other tools.

Technologies and Automation:

    • Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automation.
    • Research and test new technologies and platforms; develop recommendations and improvement plans.
    • Maintain incident management program documentation, including incident response runbooks.

Minimum Qualifications:

    • Bachelor's degree is required.
    • 5+ years of information security experience across incident response, vulnerability management and security tool administration.
    • 3+ years of experience working in a Cyber Security Operations Center (in-house or outsourced) creating, escalating, and managing security incidents and creating incident reports as per the incident response plan (IRP).
    • 3+ years of leading incident investigations and performing the role of incident commander / coordinator with minimal guidance.
    • 3+ years of managing low to high-risk cybersecurity events, alerts, and incidents, event monitoring and analysis, responding and escalating IT security events and threats and vulnerabilities.
    • 3+ years of collaborating with IT and Engineering stakeholders to drive incident response and remediation.
    • 3+ years of development of common runbooks for most frequent or critical incident types.
    • 3+ years of performing root cause analysis of recurring incidents and implementing lessons learned during an incident to help improve Lucid’s security maturity.
    • 3+ years of driving incident response and incident handling processes.
    • 3+ years of working with security tools such as SIEM, Analytics & Intelligence, Firewall/IDS/IPS, Intrusion Detection, Malware detection, Data Loss Protection, and Identity & Access Management.

Preferred Qualifications:

    • Ability to stay up to date on current cyber threat landscape, cyber threat trends, threat actors/groups, and exploit campaigns.
    • Draft operational and executive-level reports on the incident management program.
    • Measure and track key performance metrics for the detection/response and incident management program and implement strategies for improvement to better secure Lucid data and systems.
    • Participate in routine and periodic status meetings to convey status of recent investigations / experiences and risks.
    • Participate in process improvement and documentation review.

Salary Range: The compensation range for this position is specific to the locations listed below and is the range Lucid reasonably and in good faith expects to pay for the position taking into account the wide variety of factors that are considered in making compensation decisions, including job-related knowledge; skillset; experience, education and training; certifications; and other relevant business and organizational factors.
• California (Bay Area) – $115,000 – $165,000

Additional Compensation and Benefits: Lucid offers a wide range of competitive benefits, including medical, dental, vision, life insurance, disability insurance, vacation, and 401k. The successful candidate may also be eligible to participate in Lucid’s equity program and/or a discretionary annual incentive program, subject to the rules governing such programs. (Cash or equity incentive awards, if any, will depend on various factors, including, without limitation, individual and company performance.)

Lucid maintains your privacy according to its Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.

At Lucid, we don’t just welcome diversity – we celebrate it! Lucid Motors is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations.

To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.

Job Category: Computer and IT
Job Type: Full Time/Permanent
Salary: USD 115,000.00 - 165,000.00 per year
Country: United States
City: Newark
Career Level: unspecified
Company: Lucid Motors
Job Source: https://jobs.lever.co/lucidmotors/367434e4-9110-49bc-a0e8-fc2779067b49