Lucid Motors

Staff Cyber Incident Response Security Engineer

Lucid Motors, Newark, California, United States, 94560


Leading the future in luxury electric and mobility. At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility. We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience. Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

Job Summary

We are seeking an experienced Cyber Incident Response Security Engineer to join our global security team in Newark, CA. This is a critical role within our Cyber Incident Response Team (CIRT), responsible for managing and responding to security incidents across our global operations. You will serve as an escalation point for our 24/7 Security Operations Center (SOC) and play a key role in the automation, orchestration, and enhancement of our security incident response capabilities. This position requires deep expertise in cybersecurity, strong analytical skills, and the ability to work collaboratively in a fast-paced environment.

Incident Response & Escalation

- Serve as the senior escalation point (Level 3) for high-impact security incidents within the global 24/7 SOC.
- Lead advanced investigations into sophisticated cyber threats, including malware outbreaks, targeted intrusions, and persistent adversary activity.
- Provide strategic guidance on containment, eradication, and remediation to minimize business risk and operational disruption.
- Conduct proactive threat hunting using intelligence-driven and behavior-based analytics to identify hidden adversary activity.
- Develop, refine, and optimize threat detection rules and signatures to enhance SOC visibility and response accuracy.
- Analyze emerging threats, leveraging global intelligence sources, and deliver actionable recommendations to strengthen enterprise defenses.

Security Automation & Orchestration

- Architect and deploy automated workflows to improve incident triage, enrichment, and response efficiency.
- Operationalize SOAR platforms to orchestrate end-to-end response processes and reduce mean time to respond (MTTR).
- Integrate SIEM technologies to optimize log ingestion, correlation, and alerting while reducing false positives.

Security Tooling & Continuous Improvement

- Partner with security engineering and architecture teams to enhance detection and response capabilities.
- Perform root cause analysis of incidents and drive improvements to detection rules, playbooks, and security controls.
- Continuously evaluate evolving adversary TTPs, industry best practices, and frameworks (e.g., MITRE ATT&CK) to maintain a robust defense posture.

You Bring

- Bachelor’s degree in Computer Science, Information Technology, or a related technical field; equivalent experience may be considered in lieu of a degree.
- 8+ years of progressive experience in Threat Detection & Response, Incident Response, or SOC Operations.
- Strong expertise in investigating malware, BEC, third-party supply chain, phishing, insider threats, web-based attacks, and advanced persistent threats (APTs).
- Hands-on experience with industry-leading tools: CrowdStrike, Palo Alto Networks firewalls, Netskope, Wiz, Splunk.
- Proven experience leading insider threat and insider risk management, and confidential investigations.
- Proven experience with SIEM platforms, SOAR solutions, and threat intelligence integration.
- Proficiency in scripting (Python, PowerShell, Bash) to enable automation and custom detections.
- Deep understanding of adversary tradecraft, MITRE ATT&CK framework, TTPs, and the cyber kill chain.
- Proficiency in communication and collaboration during and after incidents.
- Hands-on experience with cloud environments (AWS or OCI) required.

Preferred Qualifications

- Experience in the automotive industry or manufacturing environments.
- Industry-recognized certifications such as GCIH, GCFA, CISSP, CISM, or OSCP highly desirable.
- Demonstrated ability to operate in a fast-paced, global environment and effectively collaborate across cross-functional teams.

Equal Employment Opportunity

At Lucid, we don’t just welcome diversity – we celebrate it! Lucid Motors is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations.

Salary Range

Base Pay Range (Annual): $145,100–$212,850 USD.

Additional Compensation and Benefits

Lucid offers a wide range of competitive benefits, including medical, dental, vision, life insurance, disability insurance, vacation, and 401k. The successful candidate may also be eligible to participate in Lucid’s equity program and/or a discretionary annual incentive program, subject to the rules governing such programs. (Cash or equity incentive awards, if any, will depend on various factors, including, without limitation, individual and company performance.)

Privacy Notice

By submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.

Recruitment Agency Policy

Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.
