Manager, Incident Response

Lumin Digital
Remote - United States
Posted 24 February 2026

Job Description

Basic Function:

The Incident Response Manager at Lumin Digital leads the organization’s response to cybersecurity threats impacting both corporate systems and hosted digital banking platforms serving millions of consumers globally. This role is responsible for directing all phases of the incident response lifecycle, including preparation, identification, containment, eradication, recovery, and post-incident review. As the operational lead for security incidents, the Incident Response Manager provides decisive leadership during high-impact events, ensuring timely detection, effective containment, clear stakeholder communication, and measurable remediation outcomes. This position partners closely with SOC analysts, engineering teams, business leaders, and client stakeholders to strengthen response capabilities, enhance detection strategies, and continuously improve organizational resilience against evolving threats.

Essential Functions and Responsibilities:

Identify emerging industry threats, observed trends, and industry best practices guidelines to identify gaps and identify, plan, design, and enhance security controls in collaboration with other risk engineering teams.

Develop comprehensive and insightful fact-based reports on SOC metrics, such as MTTD, MTTR, and coverage, and trends, and present them to internal leadership and client security teams on a regular basis.

Produce and deliver job-specific education and training to SOC team members on emerging threats and technologies using structured approaches to threat and risk management.

Review the technical methods and output of the SOC team to ascertain the quality and fit of solutions, and provide constructive and detailed feedback to improve team members’ ability to perform their duties.

Lead formalized security incident response procedures as part of a team, including all phases of the incident handling lifecycle, from preparation through lessons learned.

Collect evidence of SOC activities to satisfy client due diligence requests as well as support internal and external audit activities.

Perform other duties as assigned.

Physical Demands:

While performing the duties of this Job, the employee is regularly required to sit; use hands to type, handle, or feel; and talk or hear. Specific vision abilities required by this job include close vision. Ability to occasionally lift/move up to 25 pounds. Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

Set clear expectations, offer direction, and ensure alignment with organizational goals while fostering a supportive environment that encourages collaboration, accountability, and growth.

Coach, mentor, and provide training opportunities to build team members’ skills, promote internal growth, and prepare staff for future roles and responsibilities.

Manage hiring, onboarding, performance evaluations, promotions, compensation, and terminations, ensuring fair and consistent application of policies and procedures.

Assess team performance regularly, address gaps, and ensure duties are completed efficiently and effectively in alignment with department and organizational objectives.

Position Specifications

Education: Bachelor's degree in Information Assurance, Information Security, Cybersecurity, or related field is required; or equivalent combination of education and experience in cybersecurity with demonstrated command of key SOC concepts and technologies and proficiencies in threat modeling, detective and preventative controls, digital forensics, incident response, OSINT, network penetration testing, and other relevant technical security risk management domains. Certifications relevant to security operations or management of SOC teams, such as the GCIH, CISSP, GCIA, GSOM, or CISM, are preferred.

Experience: Minimum 5 years of hands-on technical experience directly working with ... (truncated, view full listing at source)