Vehicle SOC Manager

Leading the future in luxury electric and mobilityAt Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.Role SummaryWe are seeking a Lead SOC Validation & Adversary Simulation Engineer to strengthen the effectiveness of our Security Operations Center (SOC / VSOC) by continuously validating detections, response workflows, and telemetry using adversary-informed testing techniques. This role is SOC-owned and SOC-driven. The primary objective is to improve detection fidelity, reduce blind spots, and increase SOC readiness across vehicle, cloud, and other environments. Adversary simulation and Purple Team techniques are used as methods to harden SOC operations not as standalone Red Team activities.Key ResponsibilitiesSOC Detection Validation & Assurance (Primary Focus)Own continuous validation of SOC detections across:Vehicle telemetry and in-vehicle IDSTelematics and backend servicesCloud APIs, and other supporting systems realistic attacker behavior, not synthetic rulesIdentify:Signal quality issuesExcessive false positives or low-value alertsPartner with SOC engineers to improve alert logic, correlation, and response playbooksAdversary Simulation in Support of SOCDesign controlled adversary simulations to test SOC capabilities:API misuse and abuseLateral movementUnauthorized diagnostics or ECU accessCoordinate with Red Team only when advanced exploitation is requiredSOC Telemetry & Signal EngineeringWork with platform and product teams to:Improve log coverage and qualityDefine high-value security signalsReduce noisy or redundant telemetryInfluence what gets logged, where, and why—from ECUs to cloud servicesHelp SOC prioritize telemetry based on risk and detection valueIncident Readiness & Response ValidationValidate SOC incident response workflows through:Tabletop scenarios informed by real attack pathsMeasure and improve:Mean Time to Detect (MTTD)Mean Time to Triage (MTTT)Mean Time to Respond (MTTR)Ensure SOC procedures align with real attack timelinesLeverage TARA / threat-modeling outputs to prioritize SOC coverageEnsure SOC monitoring aligns with:ISO/SAE 21434UNECE R155/R156Translate detection gaps into risk-based narratives for leadership and auditorsSupport audit evidence by demonstrating validated monitoring effectivenessBuild or enhance SOC validation automation, including:Detection testing frameworksAlert replay and validation pipelinesCoverage and maturity dashboardsSIEMSOARCI/CD where applicableReduce manual SOC testing and increase repeatabilityDefine SOC-focused KPIs such as:ATT&CK coverage by detectionReduction in blind spotsProduce clear SOC maturity and readiness reportsCommunicate findings to:SOC leadershipProduct securityEngineering stakeholdersRequired QualificationsTechnical ExperienceCybersecurity with strong SOC, detection engineering, or incident response experienceDeep understanding of:SOC operations and alert lifecycleDetection engineering and signal tuningAdversary techniques and kill chainsExperience working with:SIEM and SOC toolingCloud and API monitoringNetwork and system telemetryStrong scripting or automation skills (Python, Go, C)Proven experience leading SOC improvement initiativesAbility to influence detection priorities across teamsStrong written and verbal communication skillsComfortable presenting to leadership and auditorsAdditional Compensation and Benefits: Lucid offers a wide range of competitive benefits, including medical, dental, vision, life insurance, disability insurance, vacation, and 401k. The successful candidate may also be eligible to participate in Lucid’s equity program and/or a discretionary annual incentive program, subject to the rules governing such programs. (Cash or equity incentive awards, if any, will depend on various factors, including, without limitation, individual and company performance.)To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.#J-18808-Ljbffr