Lucid Motors is seeking a security executive who can help establish a world-class security program globally to reduce company risk and increase efficiencies company-wide. 

The Role: 

Develop the strategy and roadmap for managing technology, risk, information security, and the compliance environment contributing to Lucid's continued growth  Establish security measures to detect, prevent, and mitigate cyber attacks  Continuously evaluate the state of Lucid's security and risk profile and develop a risk-based gap analysis in order to implement and maintain a best-in-class security program  Partner closely with executives and business leaders, providing guidance and ensuring information security strategy aligns with business and product roadmap goals.  Identify risks and prevent vulnerabilities, including the evaluation and recommendation of all technical and business controls.  Effectively manage all enterprise cyber, data protection, data retention and insider threat programs, including establishing incident response, 24x7 security operations center, and security engineering, architecture and intelligence teams.  Lead the development, training and dissemination of security policies, standards, and guidelines. Create and implement security awareness training programs.  Own the investigation process for all security incidents and ensure corrective actions are completed promptly. Additionally, oversee the development of all security contingency plans.  Ensure compliance to critical standards as company expands into new markets that require new security measures such as PCI and others.   Models and reinforces ethical behavior in self and others, adheres to organizational policies and guidelines, supports compliance initiatives, maintains confidences, conducts business with honesty, shows consistency in words and actions. 

Qualifications: 

Deep expertise across security, privacy, IT audit, and legal security standards, guidelines, and principles within a large, highly-distributed, complex organization  Proficient in information security management frameworks, such as NIST and ISO/IEC 27001   Track record of building, growing, and maintaining high-performing security teams, driving transformation in a growth environment.   You are a hands on executive who leads by example.  Demonstrated ability to leverage advanced knowledge of a business structure and components of a product or service to evaluate business needs, analyze gaps caused by change initiatives, determine potential opportunities and drive transformation.   Experience leading technical security scanning, penetration testing, application security testing, mobile device security analysis, network security analysis, business continuity and disaster recovery.  Strong experience with state-of-the-art security technology and technical concepts.   Expert in enterprise risk management and defining and applying a risk management framework for a large global organization  In-depth understanding of data protection laws and regulations, including PDPL, GDPR and other relevant legislation in regional jurisdiction.  Deep knowledge of cloud security, network security, data protection, as well as OT security or security in a manufacturing environment.  Experience with enforcing secure coding practices, threat modeling, identity and access management, and security incident response and recovery.  Strategic problem solver who is analytically driven and an effective communicator who can present complex analysis to business leaders and executive leadership.   Minimum of 10 years of experience in enterprise risk and information security for a global company.  Bachelor’s degree in related field strongly preferred.  CISSP certification strongly preferred.   Successfully led organizations to obtain and maintain required security certifications.