Sr. Security Engineer, GRC & Privacy

Leading the future in luxury electric and mobility At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.   We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.   Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.**This role is 5 days onsite at our Headquarters in Newark, CA**

We are currently seeking a Senior Engineer, GRC & Privacy to identify and drive methodologies and processes in support of GRC Platform implementation and enablement.

Responsibilities:
•Works with business and technology stakeholders to design GRC functionality to meet program and enterprise cybersecurity and privacy needs
•Collaborates with the vendor to drive the development and implementation of GRC solutions to support process enablement
•Leads user acceptance testing of the GRC build and coordinates resulting system modifications
•Maintains and updates GRC workflows and system libraries including risks, controls, processes, issues and action plans
•Facilitates the governance and change management process for the GRC platform
•Assists with the development and delivery of training to process/module owners on GRC tool usage



Minimum Qualifications:

• 7+ years of experience in cybersecurity / privacy governance, compliance, or risk roles
• Certified in one or more of the following: CRISC, CISA, CISM, CISSP, CIPP, SANS GIAC Security Certifications, ITIL, ISO27001
• Competency in security and privacy frameworks including NIST CSF, NIST 800-53, ISO 27001, PCI, SOX, GDPR, CCPA/CPRA, Unified Controls Framework (UCF) and mapping to common controls
• Prior experience implementing and maintaining GRC solutions (i.e., OneTrust, BigID)
• Knowledge of design and implementation of workflows for Third Party Risk (Cloud, Manufacturing, etc.) and Privacy Management (Business Process, Data Governance, Data Mapping Automation, Privacy Impact Assessment, Data Subject Access Rights, Consent Management, etc.) and integrations with enterprise applications

Preferred Qualifications:

• Excellent interpersonal skills with the ability to communicate effectively verbally and in writing with all levels within the organization, including both technical and non-technical personnel
• Automobile and/or manufacturing industry experience is a plus
• Demonstrable interpersonal, facilitation and presentation skills to help IT and business stakeholders to navigate through complex cybersecurity and privacy GRC platform challenges
• Ability to work well in a demanding, dynamic environment, and meet overall objectives

Lucid maintains your privacy according to its Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.   To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.