Lucidya · 1 week ago

GRC and Security Analyst

Remote · Riyadh, Riyadh Region, Saudi Arabia or SA

Type: Full Time
Level: Mid Level
Education: Not Specified
Company size: Startup

Job Summary

Security Analyst bridging GRC, security engineering, and global compliance to implement and maintain security controls and certifications (ISO/IEC 27001, ISO/IEC 42001 AI Management System, SOC 2) across global regions including US, KSA, and MEA. Owns or supports audit readiness, evidence collection, and documentation; aligns security practices with NIST, U.S. data privacy laws, and regional PDPL requirements; collaborates with engineering, product, and operations to embed governance and compliance into day-to-day workflows; contributes to policy creation and control documentation, and supports incident response and risk assessments.

Required Qualifications

  • 2 - 4 years of experience in a similar Security Analyst / GRC role
  • Experience working with US-based SaaS companies
  • Strong understanding of AI and US compliance frameworks: ISO/IEC 42001, NIST, US data privacy regulations
  • Experience in B2B SaaS environments
  • ISO/IEC 27001, ISO/IEC 42001 implementation knowledge (Implementer certification preferred)
  • SOC 2 understanding
  • NCA understanding and practical experience
  • GDPR knowledge is a plus
  • Penetration testing & vulnerability assessment knowledge
  • API security & integrations
  • Basic scripting (Python, Bash)
  • Code review support for deployments (automated tools)
  • Security reviews of CI/CD pipelines
  • Ruby / Rails code review experience is highly advantageous
  • Certifications: CISM (preferred), ISO/IEC 24001 Lead Implementer (mandatory), ISO/IEC 27001 Lead Implementer (mandatory)
  • Soft skills: excellent professional documentation skills, strong organizational and follow-up abilities, experience with document control and audit evidence
  • Nice-to-have experience: prior remote work with US-based teams, experience supporting global compliance programs
  • Hands-on involvement in multiple certification cycles