indeed
Senior IT Security Analyst
Lumentum Operations
Ottawa, CAN
Full Time
Senior
Onsite
Yesterday
Security InvestigationSIEMEDRData Loss Prevention (DLP)Multi Factor Authentication (MFA)Incident Response
Free
Job Fit Check
Base Career helps you apply smarter for this job.
?%
Ready to ScanKey skills for this role
Security InvestigationSIEMEDR
About the Role
Lumentum seeks a Senior IT Security Analyst to lead complex security investigations, improve control maturity, and advise stakeholders on cyber risk. The role combines hands-on security operations with control ownership, specialist guidance, and assurance.
Key Skills for This Role
Security InvestigationSIEMEDRData Loss Prevention (DLP)Multi Factor Authentication (MFA)Incident Response
Responsibilities
- Lead complex security investigations across endpoint, network, identity, email, cloud and application data sources
- Define triage criteria, alert handling standards, escalation paths and quality checks for security operations
- Review high impact alerts and incidents, ensure proportional response and remove barriers to containment and remediation
- Develop and improve detection logic, playbooks, dashboards and operational procedures
- Coordinate response to significant cyber security incidents in line with the incident management process
- Lead technical analysis for malware, phishing, credential compromise, insider risk, data exposure, privilege misuse and suspicious network activity
- Ensure evidence handling, incident timelines, decisions, lessons learned and remediation actions are complete and auditable
- Produce post incident reviews and track corrective actions through to closure
- Translate technical findings into risk statements, control weaknesses and prioritised remediation plans
- Own or act as technical lead for DLP monitoring, rule tuning, alert quality, exception handling and escalation
- Own or act as technical lead for MFA control performance, exception governance, break glass account checks, privileged access enforcement and conditional access design
- Lead vulnerability prioritisation using exploitability, asset criticality, exposure and business impact
Requirements
- Typically five or more years in cyber security operations, incident response, security engineering, assurance, infrastructure security or comparable environment
- Experience leading complex investigations, coordinating stakeholders, improving controls and presenting risk based recommendations
- Advanced security investigation using SIEM, EDR, endpoint protection, identity, email, web, network and cloud data
- Strong DLP policy design, tuning, investigation and exception management
- Strong MFA implementation, exception governance, conditional access and privileged access control
- Vulnerability management, secure configuration assessment and remediation prioritisation
- Incident command, evidence handling, root cause analysis and post incident review
- Security architecture assurance for identity, endpoint, network, cloud, application and data protection controls
- Relevant professional certification (CISSP, CISM, CISA or equivalent) is desirable
- A degree in cyber security, information security, computer science or related discipline is desirable
Full Job Posting
About Lumentum
- Lumentum builds optical and photonic solutions powering AI, cloud computing, data centers, telecom, and advanced manufacturing.
- We are a global team of innovators working where light meets technology.
Why You’ll Love This Role
- We are searching for Canada’s brightest young minds engineers and innovators to build the next generation of optical technology.
- Join us in designing the future of optical cloud & networking technology.
What You’ll Be Doing
- The postholder provides advanced technical security analysis, leads complex investigations, improves the maturity of security controls and advises stakeholders on cyber risk.
- Role combines hands on security operations with control ownership, specialist guidance, assurance and continual improvement.
Key responsibilities
- Lead complex security investigations across endpoint, network, identity, email, cloud and application data sources.
- Define triage criteria, alert handling standards, escalation paths and quality checks for security operations.
- Review high impact alerts and incidents, ensure proportional response and remove barriers to containment and remediation.
- Develop and improve detection logic, playbooks, dashboards and operational procedures.
- Coordinate response to significant cyber security incidents in line with the incident management process.
- Lead technical analysis for malware, phishing, credential compromise, insider risk, data exposure, privilege misuse and suspicious network activity.
- Ensure evidence handling, incident timelines, decisions, lessons learned and remediation actions are complete and auditable.
- Produce post incident reviews and track corrective actions through to closure.
- Translate technical findings into risk statements, control weaknesses and prioritised remediation plans.
- Support risk assessment, risk acceptance, audit and assurance activity with clear evidence and professional judgement.
- Advise on relevant information security legislation.
- Contribute to security standards, control testing, supplier assurance and management reporting.
Data Loss Prevention and Multi Factor Authentication control ownership
- Own or act as technical lead for DLP monitoring, rule tuning, alert quality, exception handling and escalation.
- Own or act as technical lead for MFA control performance, exception governance, break glass account checks, privileged access enforcement and conditional access design.
- Analyse DLP and MFA trends to identify control gaps, user behaviour issues, data handling risks and improvement opportunities.
- Ensure control documentation, operating procedures and evidence packs are complete, current and aligned to policy.
Vulnerability, threat and configuration management
- Lead vulnerability prioritisation using exploitability, asset criticality, exposure and business impact.
- Challenge and support remediation plans for high risk vulnerabilities, insecure configurations and unsupported systems.
- Develop recurring reporting on vulnerability trends, control gaps and remediation performance.
- Use threat intelligence to improve detection, hardening and risk prioritisation.
Security architecture and technical assurance
- Review proposed changes, projects and new services for security risks and control requirements.
- Advise on secure design for identity, endpoint, network, cloud, logging, data protection and resilience controls.
- Validate that logging, monitoring, access control, encryption, backup and recovery requirements are included in project delivery.
- Recommend improvements to security tooling and integration, including automation where proportionate.
Metrics, reporting and continual improvement
- Produce clear management information on incidents, vulnerabilities, DLP, MFA, control exceptions, detection coverage and remediation performance.
- Define KPIs and KRIs for security operations and control assurance.
- Identify process inefficiencies, repeat incidents and control weaknesses, then lead improvement actions.
- Maintain a forward view of emerging threats, technology changes and relevant good practice.
Leadership, coaching and stakeholder management
- Coach colleagues on investigation quality, evidence standards, tooling, communication and risk based decision making.
- Provide clear guidance to infrastructure, application, cloud, data protection, service desk and business teams.
- Present security findings, risks and recommendations to technical and non technical stakeholders.
- Promote a constructive security culture focused on proportionate risk management and business enablement.
What We’re Looking For
- Relevant professional certification is desirable (CISSP, CISM, CISA or equivalent).
- A degree, apprenticeship or professional training in cyber security, information security, computer science or a related discipline is desirable but not essential.
- Typically five or more years in cyber security operations, incident response, security engineering, assurance, infrastructure security or comparable environment.
- Experience leading complex investigations, coordinating stakeholders, improving controls and presenting risk based recommendations.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career