GRC and Security Analyst

Job in Riyadh, Riyadh Region, Saudi Arabia
Listing for: Lucidya | لوسيديا
Full Time position
Listed on 2026-05-24
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 150000 - 200000 SAR Yearly
Job Description & How to Apply Below

About Lucidya

Lucidya is an AI‑native Customer Experience Intelligence platform empowering enterprises to understand, engage, and retain customers  we expand, security, compliance, and trust are at the core of our growth strategy.

About the Role

As Lucidya grows internationally, maintaining strong security controls and achieving global compliance certifications is mission‑critical. This role will directly contribute to implementing and achieving security compliance frameworks, ensuring Lucidya meets the highest standards of data protection and information security.

You’ll work at the intersection of GRC and Security Engineering, supporting compliance initiatives, strengthening internal controls, and enabling secure product development across cross‑functional teams.

What You’ll Be Doing
  • Work closely with GRC and Security Engineering teams to support security, privacy, and compliance initiatives across Saudi Arabia, Qatar, international regions, and the U.S. market
  • Assist in the implementation and ongoing maintenance of ISO/IEC 27001, ISO/IEC 42001 (AI Management Systems), NCA and SOC 2 controls
  • Support U.S. market migration efforts by aligning security and compliance practices with SOC 2, NIST frameworks, and U.S. data privacy requirements
  • Contribute to regional data protection compliance activities, including KSA PDPL, Qatar PDPL, and U.S. state privacy laws, under guidance from senior team members
  • Participate in the creation, update, and maintenance of security, privacy, and AI governance policies, procedures, and control documentation
  • Help with document control, evidence collection, and audit readiness for internal reviews, customer assessments, and external audits
  • Work cross‑functionally with engineering, product, and operations teams
Day‑to‑Day Responsibilities
  • Support daily security, privacy, and compliance activities across KSA, MEA and the U.S.
  • Assist with maintaining and updating controls for ISO/IEC 27001, ISO/IEC 42001, NCA, DCC, NIST
  • Help align systems and processes with U.S. & Saudi market requirements, including SOC 2 evidence, NIST‑aligned controls, and U.S. & Saudi data privacy obligations
  • Review security controls for cloud infrastructure, SaaS environments, APIs, and integrations
  • Maintain policies, procedures, and control documentation, ensuring accuracy and version control
  • Collect, organize, and validate audit evidence for internal reviews, customer questionnaires, and external audits
  • Track compliance tasks, findings, and remediation actions in coordination with GRC and Security Engineering teams
  • Collaborate with engineering, product, and operations teams to address security and compliance requirements in day‑to‑day workflows
  • Support incident response documentation, risk assessments, and compliance reporting as needed
Success Metrics
  • ISO & AI Governance Compliance:
    ISO/IEC 27001 and ISO/IEC 42001 controls evidenced with zero high‑risk audit findings related to security or AI governance
  • NIST Alignment & Risk Reduction:
    Systems mapped to NIST frameworks show measurable risk reduction, gaps documented and remediated within agreed timelines
  • Achieve ISO 27001 or ISO 42001 Lead Implementer
  • Independent progression and ownership of assigned tasks
First 90 Days
  • Develop a comprehensive understanding of Lucidya's security tools, processes, and system architecture
  • Actively contribute to the implementation of the ISO/IEC 42001 framework
  • Support ongoing compliance initiatives and audit activities
Requirements

What We’re Looking For

Experience & Background
  • 2‑4 years of experience in a similar Security Analyst / GRC role
  • Experience working with U.S.‑based SaaS companies
  • Strong understanding of AI and U.S. compliance frameworks
  • Experience in B2B SaaS environments
Compliance & Security Knowledge
  • ISO/IEC 27001, ISO/IEC 42001 implementation knowledge (Implementer certification preferred)
  • SOC 2 understanding
  • NCA understanding and practical experience
  • GDPR knowledge is a plus
  • Penetration testing & vulnerability assessment knowledge
Technical Skills
  • API security & integrations
  • Basic scripting (Python, Bash)
  • Code review support for deployments (automated tools)
  • Security reviews of CI/CD pipelines
  • Ruby/Rails code review experience is highly…