Manager, Incident Response

📋 Description

• • As the Manager, Incident Response at Lumin Digital, you will be at the forefront of safeguarding our organization and the digital banking platforms we provide to millions of consumers globally. This critical role demands decisive leadership and strategic oversight in responding to cybersecurity threats, ensuring the integrity and resilience of our systems.
• • You will be responsible for directing all phases of the incident response lifecycle, a comprehensive process that includes meticulous preparation, swift identification of threats, effective containment strategies, thorough eradication of malicious actors, efficient recovery of compromised systems, and insightful post-incident reviews to prevent recurrence.
• • In this capacity, you will serve as the operational lead for security incidents, providing clear, confident, and timely direction during high-impact events. Your ability to ensure rapid detection, implement robust containment measures, communicate effectively with all stakeholders, and achieve measurable remediation outcomes will be paramount.
• • This position requires close collaboration with a diverse range of teams, including Security Operations Center (SOC) analysts, engineering teams, business leaders, and client stakeholders. By fostering strong partnerships, you will play a key role in strengthening our overall response capabilities, enhancing our threat detection strategies, and continuously improving our organizational resilience against an ever-evolving threat landscape.
• • A core aspect of your role will involve staying ahead of emerging industry threats, analyzing observed trends, and identifying best practices. You will leverage this knowledge to pinpoint gaps in our current defenses and proactively plan, design, and enhance security controls in close collaboration with other risk engineering teams.
• • You will be tasked with developing and presenting comprehensive, insightful, and fact-based reports on key SOC metrics. This includes metrics such as Mean Time To Detect (MTTD), Mean Time To Respond (MTTR), and coverage analysis. These reports will be presented regularly to internal leadership and client security teams, providing them with a clear understanding of our security posture and performance.
• • A significant responsibility will be to produce and deliver job-specific education and training to SOC team members. This training will focus on emerging threats and new technologies, utilizing structured approaches to threat and risk management to ensure the team remains highly skilled and knowledgeable.
• • You will also be responsible for reviewing the technical methods and output generated by the SOC team. This involves assessing the quality and suitability of solutions, and providing constructive, detailed feedback to enhance team members' abilities and performance in their duties.
• • Leading formalized security incident response procedures will be a key function. You will guide the team through all phases of the incident handling lifecycle, from initial preparation and response to thorough lessons learned analysis, ensuring a continuous improvement loop.
• • You will be responsible for collecting and organizing evidence of SOC activities. This is crucial for satisfying client due diligence requests and for supporting both internal and external audit activities, ensuring compliance and transparency.
• • In addition to these core responsibilities, you will perform other duties as assigned, demonstrating flexibility and a commitment to the overall security mission of Lumin Digital.
• • Your leadership will extend to setting clear expectations, offering strategic direction, and ensuring alignment with organizational goals. You will foster a supportive environment that champions collaboration, accountability, and professional growth among your team members.
• • You will actively coach, mentor, and provide training opportunities to build your team's skills, promote internal career development, and prepare staff for future roles and responsibilities within the organization.
• • This role involves managing the full employee lifecycle, including hiring, onboarding, performance evaluations, promotions, compensation, and terminations, always ensuring fair and consistent application of company policies and procedures.
• • You will regularly assess team performance, identify and address any performance gaps, and ensure that all duties are completed efficiently and effectively, in alignment with department and organizational objectives.
• • Your ability to work effectively in a remote environment, while sustaining high performance and team accountability, will be crucial for success in this role.
• • You will translate complex technical findings into actionable insights for business stakeholders and clients, bridging the gap between technical security and business objectives.
• • You will leverage your excellent data analysis skills, using tools such as Excel and OpenSearch, to customize reporting and measure key security metrics, providing data-driven insights into our security operations.
• • You will interpret trends in threats, vulnerabilities, and operational posture to inform strategic improvements and guide the evolution of our security defenses.
• • Your working knowledge of network security, cloud security principles (including AWS shared responsibility model and services), application security concepts, and vulnerability prioritization methodologies will be essential for developing robust detection and response strategies.
• • You will champion detection engineering principles and best practices, effectively advocating for necessary SOC monitoring and telemetry requirements to enhance our visibility and response capabilities.
• • You will manage and administer enterprise EDR and SIEM platforms, focusing on detection tuning, alert triage, investigation, and response, ensuring these tools are optimized for maximum effectiveness.
• • You will integrate and operationalize threat intelligence feeds, translating raw intelligence into actionable detection and prevention strategies that bolster our defenses against known and emerging threats.
• • Your experience operating in large-scale AWS environments will be critical for understanding and securing our cloud infrastructure.
• • You will demonstrate a calm, decisive demeanor with an appropriate sense of urgency during security events, leading with confidence and composure under pressure and uncertainty.
• • Your strong teamwork and cross-functional collaboration skills will be vital for working effectively with diverse teams across the organization.
• • You will exhibit strong client orientation and a professional presence that builds trust and credibility both internally and externally.
• • Your ability to prioritize tasks, exercise sound judgment, and maintain strict confidentiality will be fundamental to the integrity of this role.