Sr. Security Engineer

Lucid Software is the leader in visual collaboration and work acceleration, helping teams see and build the future by turning ideas into reality. Our products include the Visual Collaboration Suite (Lucidchart and Lucidspark) and airfocus. We hold true to our core values: innovation in everything we do, passion & excellence in every area, individual empowerment, initiative and ownership, and teamwork over ego. At Lucid, we value diverse perspectives and are dedicated to creating an environment and culture that is respectful and inclusive for everyone. Lucid is a hybrid workplace. We promote a healthy work-life balance by allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team.

Since the company’s founding, Lucid Software has received numerous global and regional recognitions for its products, business, and workplace culture. These include being listed to the Forbes Cloud 100, Fast Company Most Innovative Companies, Fortune Best Workplaces in Technology, and PEOPLE’s Companies that Care. Lucid’s solutions are used by more than 100 million users across the globe, making Lucid the most used visual collaboration platform by the Fortune 500. Our customers include Google, GE, and NBC Universal, and we partner with leaders such as Google, Atlassian, and Microsoft. 

As a Senior Security Engineer at Lucid, you will serve as a key defender of Lucid's corporate assets, world-class web applications, and employees. You'll bring depth of experience and technical leadership to a security team that enables innovation in line with Lucid’s risk tolerance.

Lucid's customers trust us with their data, and that trust is foundational to our mission. A successful Senior Security Engineer not only identifies risks, but drives the strategy, design, and execution of solutions that protect customer and corporate data at scale.

Responsibilities:

• Lead the design, implementation, and maintenance of security controls across Lucid's information systems.
• Evaluate, recommend, and configure security technologies and business tools with a risk-based lens, including reviewing and hardening SaaS applications to ensure they meet Lucid's security standards.
• Conduct in-depth security design reviews on complex and evolving system architecture proposals with a bias to enable and accelerate high-value business projects.
• Proactively identify threats, vulnerabilities, and opportunities to strengthen security controls and processes across the organization.
• Drive the development of scalable, automated solutions to mitigate risk and support business objectives.
• Mentor and guide other security engineers, raising the overall security posture and expertise of the team.
• Serve as a security subject matter expert and trusted partner for IT and other business stakeholders.
• Champion Lucid's core values and foster a culture of practical, risk-informed security.

Requirements:

• 5+ years of experience in a Security or IT-related field within a SaaS environment.
• Proven ability to lead security initiatives independently, from threat identification through solution delivery.
• Adversarial mindset: you enjoy breaking, testing, and improving security controls by challenging assumptions and surfacing gaps others overlook.
• Demonstrated experience building a culture of practical security over security theater, tying controls to specific, measurable risks.
• Strong automation skills using Python, Bash, Workato, Claude, or other tools
• Deep familiarity with identity management solutions such as Active Directory, Azure AD, and Okta, including their advanced security controls.
• Solid understanding of AWS infrastructure, particularly security-focused services (e.g., IAM, GuardDuty, Security Hub, CloudTrail).
• Familiarity with AI security risks and emerging attack surfaces, including securing agentic systems, MCP, and LLM-powered workflows against new and evolving threats.
• Able to translate complex security concepts for both technical and non-technical audiences.
• Experience leading effective incident response, including cross-team collaboration in stressful situations.
• Collaborative and effective working style across multiple internal teams.

Preferred Qualifications:

• 2+ years of hands-on experience with security controls in business systems (e.g., Google Workspace, Okta, endpoint protection platforms).
• Strong working knowledge of risk management principles and practices, with experience applying them in a fast-moving environment.
• Practical expertise with common security frameworks and compliance standards (e.g., NIST 800-53, ISO 27001, SOC 2, GDPR, CCPA).
• Relevant security certifications such as CISSP, OSCP, or security certifications with similar intensity.
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Experience with fleet management systems such as Jamf or Intune.

#LI-MK1