<p>Leading the future in luxury electric and mobility</p> <p>At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.</p> <p>We plan to lead in this new era of luxury electric by returning to the fundamentals of great design - where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.</p> <p>Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we're providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.</p> <p>Location: Newark, CA</p> <p>About the Role</p> <p>We are seeking a forward-thinking and technically adept Technical Specialist, Application Security & AI Governance with deep expertise in application security to drive secure software development and influence the secure use of AI and data in applications. This role will work cross-functionally with engineering, architecture, data science, GRC, and product teams to embed security into the design and development of modern applications - from traditional services to those powered by large language models (LLMs) and sensitive data pipelines.</p> <p>You will act as a security champion and trusted partner, enabling the business to innovate securely while maintaining compliance and reducing risk in a rapidly evolving technology landscape.</p> <p>Key Responsibilities</p> <p>Strategic Partnership</p> <ul> <li>Serve as the cybersecurity point of contact for application teams, ensuring security is integrated across the software development lifecycle (SDLC). </li><li>Partner with engineers, product managers, and ML practitioners to ensure security controls are integrated into software and AI workflows. </li><li>Champion secure-by-design principles for applications that process sensitive data or leverage AI models. </li></ul> <p>Security by Design</p> <ul> <li>Conduct threat modeling, secure design reviews, and security assessments for applications, APIs, and AI-enabled features. </li><li>Provide security architecture guidance for cloud-native applications, containers, microservices, and AI/ML components. </li><li>Advise on securing LLM-based and data-driven applications, addressing risks such as prompt injection, model data leakage, API abuse, and insecure endpoints. </li></ul> <p>Risk & Impact Assessments</p> <ul> <li>Conduct in-depth security reviews for critical applications and AI use cases, ensuring alignment with business risk tolerance and regulatory expectations. </li><li>Collaborate with engineering and architecture leaders to ensure application and AI-related risks are identified early and remediated efficiently. </li><li>Partner with GRC and Legal to assess compliance risks related to software development, data handling, and AI governance. </li><li>Track, prioritize, and drive the remediation of security findings, helping teams improve measurable outcomes and reduce vulnerabilities. </li></ul> <p>Policy, Standards & Enablement</p> <ul> <li>Develop and maintain application security standards, secure coding practices, and design patterns. </li><li>Shape policies and controls related to secure development, data usage in applications, and responsible AI integration. </li><li>Help teams adopt DevSecOps practices and integrate tools such as SAST, DAST, SCA, secrets scanning, and container security. </li></ul> <p>Qualifications</p> <p>Required:</p> <ul> <li>8+ years of experience in cybersecurity, with a strong emphasis on application security and secure development practices. </li><li>In-depth knowledge of web application security, API security, DevSecOps, and secure cloud architectures. </li><li>Experience with secure coding, threat modeling, vulnerability management, and security reviews across the SDLC. </li><li>Familiarity with securing AI/ML-enabled applications, including model input validation, prompt security, and API protection. </li><li>Strong communication and stakeholder engagement skills; able to influence without authority. </li></ul> <p>Preferred:</p> <ul> <li>Certifications such as CSSLP, CISSP, OSWE, GWAPT, or relevant cloud/AI security credentials. </li><li>Experience working with LLMs and generative AI models in production environments. </li><li>Knowledge of data security tools and how they integrate into application security strategies (e.g., DSPM, DLP, insider risk platforms). </li><li>Familiarity with regulatory and industry frameworks (e.g., NIST AI RMF, Secure by Design, ISO/IEC 42001, EU AI Act). </li></ul> <p>Why Join Us?</p> <p>You'll play a critical role in shaping how we build and secure the next generation of applications, many of which will be powered by advanced data and AI capabilities. This is a high-impact opportunity to influence product design, development practices, and risk posture across the enterprise. Join a mission-driven team that values innovation, trust, and resilience at its core.</p> <p>At Lucid, we don't just welcome diversity - we celebrate it! Lucid Motors is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations.</p> <p>By Submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.</p> <p>To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.</p>