Senior Cyber Security Analyst

Basic Function The Senior Cyber Security Analyst serves as a senior-level security professional responsible for protecting Lumin Digital’s corporate and public cloud environments that host financial services platforms. This role monitors and evaluates threats to cloud-hosted digital banking solutions, assesses applications and infrastructure for vulnerabilities, and operates technical controls to safeguard sensitive data. The Senior Analyst leads and supports incident response efforts using industry-standard practices and partners closely with risk management, compliance, and audit functions to continuously strengthen the organization’s information assurance posture. Success in this role requires deep technical expertise, strong independent judgment, and the ability to proactively reduce risk in complex cloud environments. Essential Functions and Responsibilities: Use and optimize monitoring, reporting, and alerting capabilities to identify, prioritize, and address threats using research, database queries, data manipulation, and technical reporting skills. Maintain and refine threat models to inform and prioritize the security team’s risk management activities. Use and maintain vulnerability scanning and penetration testing tools to identify weaknesses across multiple environments and systems at scale. Collaborate with clients, auditors, vendors, and internal teams to validate and strengthen the security posture across infrastructure, cloud, network, and application layers. Investigate reported vulnerabilities and risks to qualify findings and independently resolve issues or assign remediation actions to appropriate functional areas. Develop and implement strategies, scripts, configurations, and manual procedures to reduce security risks across cloud services, servers, network devices, and endpoints. Operate and enhance security solutions including firewalls, DLP tools, CASBs, AV/EDR systems, and other protective technologies to improve configurations and policies. Participate in and provide senior-level support during formalized security incident response procedures across all phases of the incident handling lifecycle, from preparation through lessons learned. Collect and document evidence of security program activities to satisfy client due diligence requests and support internal and external audit activities. Perform other duties as assigned. Physical Demands: While performing the duties of this Job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear  Specific vision abilities required by this job include close vision Ability to occasionally lift/move up to 25 pounds Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department. Other (Please specify below) Position Specifications Education:  Associate degree in Computer Science, Management Information Systems, Information Assurance, Information Security, Cybersecurity, or related field required; or equivalent self-study in cybersecurity with demonstrated command of key concepts and technologies and proficiency in digital forensics, incident response, secure application development, penetration testing, or other technical security risk management domains required. Certifications preferred (if applicable): Relevant industry certifications such as CISSP, GCIA, GCIH, Security+, AWS Security Specialty, or similar. Experience: Ten (10) years of experience in a relevant technology domain including software engineering, information technology, systems administration, technical fieldwork, or information assurance required. Six (6) years of demonstrated experience identifying threats, finding and confirming vulnerabilities, and managing remediation efforts in a team environment as a Security Analyst, Operations Analyst, DevSecOps team member, or similar role required; or practical certifications/accomplishments (e.g., cyber range or CTF competitions) demonstrating ability to identify and handle security risks relevant to a hosted digital banking environment required. Experience with AWS, Linux, Git, log aggregation platforms, issue tracking systems, and coding in Bash, Node.js, Python, or Ruby desired. Knowledge, Skills, & Abilities: In-depth technical knowledge of cybersecurity tools, techniques, and procedures to identify and analyze threats and implement safeguards to protect sensitive assets. Strong understanding of cloud security principles and enterprise security monitoring practices. Ability to prioritize tasks, exercise sound judgment, and maintain confidentiality with sensitive information. Ability to follow and enhance incident response playbooks and procedures to ensure consistent, high-quality responses. Strong client orientation and professional demeanor that earns trust and respect internally and externally. Calm, focused approach with appropriate sense of urgency during security events. Strong communication, interpersonal, and presentation skills. Ability to work remotely while maintaining high productivity, collaboration, and effectiveness with minimal supervision. Strong drive to continuously improve security posture and develop professionally in a rapidly evolving field. Must be able to pass required background checks to access sensitive information. Travel:  Minimal, generally 12 days or less per year, ~2X team get togethers a year