Role Description Within the Accounting function at BenchPrep, you'll play a pivotal role in our finance team. Your focus will be on maintaining accurate financial records, preparing reports, analyzing data, and ensuring regulatory compliance. You'll contribute to budgeting, forecasting, audits, and process improvements, supporting our financial health and strategic decision-making. The ideal candidate has a strong background in accounting, financial analysis, and reporting, along with excellent analytical skills, attention to detail, and the ability to communicate financial information effectively across the organization. Proactivity, problem-solving abilities, and a commitment to continuous improvement are also essential. - Manage accounting function including account reconciliations, journal entries, AR, AP, and Billing - Analysis and review of company expenditures, confirming proper allocation of expenses to the various departments, and reporting to these departments as necessary - Review transactions to ensure accounting treatment is in accordance with GAAP and company policies and procedures - Analyze billing transactions to ensure proper allocation of revenue recognition policies - Review general ledger accounts and making all necessary journal entries including posting monthly, quarterly, and yearly accruals - Assist in building financial statements including balance sheet, income statement, and changes in financial position, as well as budget variance analysis - Assist in the design and preparation of budgets for review by management - Prepare year-end schedules for the annual tax returns - Look for ways to improve upon accounting processes and procedures Qualifications - Bachelor’s degree in accounting; CPA preferred - 3-5 years (Staff Accountant), or 5-8 (Sr Accountant) years in accounting or auditing; public accounting experience preferred - Team player with a positive attitude towards contributing and learning - Thorough knowledge and experience in the areas of financial statement preparation, GAAP, and revenue recognition - Strong verbal/written communication skills - Excellent analytical and problem solving skills - Ability to work well independently and in a team environment - Self starter, quick learner, and ability to multitask on a regular basis - Detail-oriented with excellent organizational skills and deadline driven - Capacity to thrive in a fast-paced environment - Strong sense of ownership on issues and following through to completion - Advanced proficiency with Microsoft Excel - Experience working in accounting systems (NetSuite, Intacct, Quickbooks, etc.) strongly preferred Benefits - Medical and ancillary benefits - Potential for yearly bonus - Stipends for work-from-home expenses - Flexible paid time off (unlimited PTO) - Annual professional development stipend dollars - Competitive base salary

About the roleAs Lucidya grows internationally, maintaining strong security controls and achieving global compliance certifications is mission-critical. This role will directly contribute to implement and achieve security compliance frameworks, ensuring Lucidya meets the highest standards of data protection and information security. You’ll work at the intersection of GRC and Security Engineering, supporting compliance initiatives, strengthening internal controls, and enabling secure product development across cross-functional teams. What You’ll Be Doing - Work closely with GRC and Security Engineering teams to support security, privacy, and compliance initiatives across Saudi Arabia, Qatar, international regions, and the U.S. market - Assist in the implementation and ongoing maintenance of ISO/IEC 27001, ISO/IEC 42001 (AI Management Systems), NCA and SOC 2 controls - Support U.S. market migration efforts by helping align security and compliance practices with SOC 2, NIST frameworks, and U.S. data privacy requirements - Contribute to regional data protection compliance activities, including KSA PDPL, Qatar PDPL, and U.S. states privacy laws, under guidance from senior team members - Participate in the creation, update, and maintenance of security, privacy, and AI governance policies, procedures, and control documentation - Help with document control, evidence collection, and audit readiness for internal reviews, customer assessments, and external audits - Work cross-functionally with engineering, product, and operations teams Day-to-Day Responsibilities - Support daily security, privacy, and compliance activities across KSA, MEA and the U.S. - Assist with maintaining and updating controls for ISO/IEC 27001, ISO/IEC 42001, NCA, DCC, NIST - Help align systems and processes with U.S & Saudi market requirements, including SOC 2 evidence, NIST-aligned controls, and U.S & Saudi data privacy obligations - Review security controls for cloud infrastructure, SaaS environments, APIs, and integrations - Maintain policies, procedures, and control documentation, ensuring accuracy and version control - Collect, organize, and validate audit evidence for internal reviews, customer questionnaires, and external audits - Track compliance tasks, findings, and remediation actions in coordination with GRC and Security Engineering teams - Collaborate with engineering, product, and operations teams to address security and compliance requirements in day-to-day workflows - Support incident response documentation, risk assessments, and compliance reporting as needed Success Metrics - ISO & AI Governance Compliance - ISO/IEC 27001 and ISO/IEC 42001 (AI Management System) controls assigned to the role remain implemented and evidenced, with zero high-risk audit findings related to security or AI governance. - NIST Alignment & Risk Reduction - Systems and processes mapped to NIST frameworks (e.g., NIST CSF / NIST AI RMF) show measurable risk reduction, with identified gaps documented and remediated within agreed timelines. - Achieve ISO27001 or ISO 42001 lead implementor - Independent progression and ownership of assigned tasks First 90 Days - Develop a comprehensive understanding of Lucidya’s security tools, processes, and system architecture. - Actively contribute to the implementation of the ISO/IEC 42001 framework. - Support ongoing compliance initiatives and audit activities.

Role Description As Lucidya grows internationally, maintaining strong security controls and achieving global compliance certifications is mission-critical. This role will directly contribute to implement and achieve security compliance frameworks, ensuring Lucidya meets the highest standards of data protection and information security. You’ll work at the intersection of GRC and Security Engineering, supporting compliance initiatives, strengthening internal controls, and enabling secure product development across cross-functional teams. What You’ll Be Doing - Work closely with GRC and Security Engineering teams to support security, privacy, and compliance initiatives across Saudi Arabia, Qatar, international regions, and the U.S. market. - Assist in the implementation and ongoing maintenance of ISO/IEC 27001, ISO/IEC 42001 (AI Management Systems), NCA and SOC 2 controls. - Support U.S. market migration efforts by helping align security and compliance practices with SOC 2, NIST frameworks, and U.S. data privacy requirements. - Contribute to regional data protection compliance activities, including KSA PDPL, Qatar PDPL, and U.S. states privacy laws, under guidance from senior team members. - Participate in the creation, update, and maintenance of security, privacy, and AI governance policies, procedures, and control documentation. - Help with document control, evidence collection, and audit readiness for internal reviews, customer assessments, and external audits. - Work cross-functionally with engineering, product, and operations teams. Day-to-Day Responsibilities - Support daily security, privacy, and compliance activities across KSA, MEA and the U.S. - Assist with maintaining and updating controls for ISO/IEC 27001, ISO/IEC 42001, NCA, DCC, NIST. - Help align systems and processes with U.S & Saudi market requirements, including SOC 2 evidence, NIST-aligned controls, and U.S & Saudi data privacy obligations. - Review security controls for cloud infrastructure, SaaS environments, APIs, and integrations. - Maintain policies, procedures, and control documentation, ensuring accuracy and version control. - Collect, organize, and validate audit evidence for internal reviews, customer questionnaires, and external audits. - Track compliance tasks, findings, and remediation actions in coordination with GRC and Security Engineering teams. - Collaborate with engineering, product, and operations teams to address security and compliance requirements in day-to-day workflows. - Support incident response documentation, risk assessments, and compliance reporting as needed. Success Metrics - ISO & AI Governance Compliance: ISO/IEC 27001 and ISO/IEC 42001 (AI Management System) controls assigned to the role remain implemented and evidenced, with zero high-risk audit findings related to security or AI governance. - NIST Alignment & Risk Reduction: Systems and processes mapped to NIST frameworks (e.g., NIST CSF / NIST AI RMF) show measurable risk reduction, with identified gaps documented and remediated within agreed timelines. - Achieve ISO27001 or ISO 42001 lead implementor. - Independent progression and ownership of assigned tasks. What We’re Looking For Experience & Background - 2 - 4 years of experience in a similar Security Analyst / GRC role. - Experience working with US-based SaaS companies. - Strong understanding of AI and US compliance frameworks: - ISO/IEC 42001 - NIST - US data privacy regulations - Experience in B2B SaaS environments. Compliance & Security Knowledge - ISO/IEC ISO 27001, ISO/IEC 42001 implementation knowledge (Implementer certification preferred). - SOC 2 understanding. - NCA understanding and practical experience. - GDPR knowledge is a plus. - Penetration testing & vulnerability assessment knowledge. Technical Skills - API security & integrations. - Basic scripting (Python, Bash). - Code review support for deployments (automated tools). - Security reviews of CI/CD pipelines. - Ruby / Rails code review experience is highly advantageous. Certifications - CISM (preferred). - ISO/IEC 24001 Lead Implementer (mandatory). - ISO/IEC 27001 Lead Implementer (mandatory). Soft Skills - Excellent professional documentation skills. - Strong organizational and follow-up abilities. - Experience with document control and audit evidence. - Ability to work effectively across distributed, cross-functional teams. Nice-to-Have Experience - Prior remote work with US-based teams. - Experience supporting global compliance programs. - Hands-on involvement in multiple certification cycles. Hiring Process - Screening Interview by Mawhub - “Esraa Adel - Senior Talent Acquisition Partner”. - First Technical interview - “Mostafa Asaad - Security Delivery Manager”. - Culture Fit Interview - Youssef Okal - “TA Lead @ Lucidya”. Why Join Us? This role offers the opportunity to influence and enhance Lucidya’s governance, risk, and compliance practices at scale. You will contribute to strengthening security controls, driving compliance initiatives, mitigating organizational risk, and supporting a culture of security across the company.

Title: Cyber-Security Analyst - IS-Security Location: Galveston United States Job Description: Minimum Qualifications: Bachelor's degree and one (1) year of IT or security experience. An equivalent combination of education and experience relevant to the role may be considered for this position. Preferred Qualifications: - 3 years of cybersecurity experience. - Python, Rust, C, C+, Java, and/or PowerShell. - Academic and/or working experience with TCP/IP networking, and networking services such as DNS, SMTP, DHCP, etc. - Windows, MacOS, Linux-variant operating systems, such as the file system structure, system services, and typical behavior of endpoints and servers - Cloud-based services such as Microsoft Office 365 and Azure productivity tools. Job Summary: The Security Analyst on the Governance, Risk, and Compliance (GRC) team plays a critical role in safeguarding sensitive information resources and data, ensuring organizational compliance with industry regulations. This position supports the development, implementation, and monitoring of security policies, risk management processes, and compliance frameworks such as HIPAA, TAC 202, UTS 165, and NIST cybersecurity standards. Job Duties: Under direct supervision, the Security Analyst supports the organization's information resources, security environments, and applications to ensure they remain adequately protected and aligned with the NIST Cybersecurity Framework (CSF). The role assists in activities across the CSF functions: Identify, Protect, Detect, Respond, and Recover, including supporting asset classification, implementing security controls, monitoring for anomalous activity, and participating in 24/7 incident response processes. - Complete CompTIA CySA+ certification training and successfully pass the exam within 90 days of hire. - Work assigned shifts supporting 24x7x365 Tier 1 SOC operations. - Perform alert triage across on-premises and cloud security technologies, including SIEM, IDS, antivirus, cloud services, Windows servers, network infrastructure, DLP, UBA, and user-submitted security reports. - Apply basic security controls to contain malicious activity and prevent unauthorized disclosure of sensitive information. - Escalate alerts to Tier 2 based on severity and priority, supporting follow-on incident response activities. - Contribute to SOC workflow improvements by identifying false positives and recommending process enhancements. - Assist with incident response through resolution and help develop after-action reports. - Participate in ongoing skill development to strengthen investigation and response capabilities. - Adhere to internal controls, reporting structures, and all applicable standards, processes, and procedures. - Perform other related duties as assigned by management. Working Environment: Any qualifications to be considered as equivalents in lieu of stated minimums require the prior approval of the Chief Human Resources Officer or designee. The University of Texas Medical Branch at Galveston is an Equal Opportunity / Affirmative Action University. Specific job requirements or physical location of some positions allocated to this classification may render this position security sensitive, and thereby subject to the provisions of Section 51.215, Texas Education Code. To the extent this position qualifies as a position that researches, works on, or has access to critical infrastructure as defined in Section 117.001(2) of the Texas Business and Commerce Code, there is a requirement for any applicant, employee, or contractor to have the ability to maintain the security or integrity of the infrastructure. Therefore, if applicable, anyone hired in this position or continued to be employed in this position must be routinely reviewed to determine whether they are able to maintain the security or integrity of the infrastructure. Salary Range: Actual salary commensurate with experience. Work Schedule: Remote local position, rotating shifts, including nights and weekends. Equal Employment Opportunity UTMB Health strives to provide equal opportunity employment without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, genetic information, disability, veteran status, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law.