It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
Lumentum Canada was awarded the 2022 National Capital Region’s Top Employers for the 6th consecutive year and the 2022 Career Directory Canada’s Best Employers for Recent Graduates for the 5th consecutive year.
Position Title: Senior IT Security Analyst
Employment Type: Full-time, Existing vacancy
Location: Ottawa (On-Site)
About Lumentum
At Lumentum, we’re building the tech behind the world’s fastest networks and most advanced systems. Our optical and photonic solutions power everything from AI and cloud computing to data centers, telecom, and advanced manufacturing.
We’re a global team of innovators working where light meets technology, solving big challenges that keep the world connected and moving forward. If shaping the future of connectivity excites you, you’ll fit right in.
Why You’ll Love This Role
At Lumentum, we are searching for Canada’s brightest young minds engineers and innovators who want to build the next generation of optical technology. If you are driven by curiosity, eager to solve real-world challenges, and excited about developing groundbreaking optical systems, this is your opportunity.
Join us in designing the future of optical cloud & networking technology our advanced photonic modules power the world’s voice and internet traffic, and we need your expertise to take them to the next level. This is not just another job; this is your chance to define & design what’s next in photonics.
What You’ll Be Doing
The postholder provides advanced technical security analysis, leads complex investigations, improves the maturity of security controls and advises stakeholders on cyber risk. The role combines hands-on security operations with control ownership, specialist guidance, assurance and continual improvement.
Role scope and level
-
Senior technical practitioner with authority to lead complex operational security work within agreed governance.
-
Responsible for risk-based recommendations, improvement of procedures and subject-matter advice for incidents, vulnerabilities, identity controls, data protection and security tooling.
-
Expected to coach colleagues, influence technical teams and translate threat, control and risk information into clear management updates.
-
Focuses on control maturity, assurance quality, repeatable processes and measurable reduction of cyber security risk.
Key responsibilities
1. Security operations leadership
-
Lead complex security investigations across endpoint, network, identity, email, cloud and application data sources.
-
Define triage criteria, alert handling standards, escalation paths and quality checks for security operations.
-
Review high-impact alerts and incidents, ensure proportional response and remove barriers to containment and remediation.
-
Develop and improve detection logic, playbooks, dashboards and operational procedures.
2. Incident response leadership
-
Coordinate response to significant cyber security incidents in line with the incident management process.
-
Lead technical analysis for malware, phishing, credential compromise, insider risk, data exposure, privilege misuse and suspicious network activity.
-
Ensure evidence handling, incident timelines, decisions, lessons learned and remediation actions are complete and auditable.
-
Produce post-incident reviews and track corrective actions through to closure.
3. Risk, governance and assurance
-
Translate technical findings into risk statements, control weaknesses and prioritised remediation plans.
-
Support risk assessment, risk acceptance, audit and assurance activity with clear evidence and professional judgement.
-
Advise on relevant information security legislation.
-
Contribute to security standards, control testing, supplier assurance and management reporting.
4. Data Loss Prevention and Multi-Factor Authentication control ownership
-
Own or act as technical lead for Data Loss Prevention (DLP) monitoring, rule tuning, alert quality, exception handling and escalation.
-
Own or act as technical lead for Multi-Factor Authentication (MFA) control performance, exception governance, break-glass account checks, privileged access enforcement and conditional access design.
-
Analyse Data Loss Prevention (DLP) and Multi-Factor Authentication (MFA) trends to identify control gaps, user behaviour issues, data handling risks and improvement opportunities.
-
Ensure control documentation, operating procedures and evidence packs are complete, current and aligned to policy.
5. Vulnerability, threat and configuration management
-
Lead vulnerability prioritisation using exploitability, asset criticality, exposure and business impact.
-
Challenge and support remediation plans for high-risk vulnerabilities, insecure configurations and unsupported systems.
-
Develop recurring reporting on vulnerability trends, control gaps and remediation performance.
-
Use threat intelligence to improve detection, hardening and risk prioritisation.
6. Security architecture and technical assurance
-
Review proposed changes, projects and new services for security risks and control requirements.
-
Advise on secure design for identity, endpoint, network, cloud, logging, data protection and resilience controls.
-
Validate that logging, monitoring, access control, encryption, backup and recovery requirements are included in project delivery.
-
Recommend improvements to security tooling and integration, including automation where proportionate.
7. Metrics, reporting and continual improvement
-
Produce clear management information on incidents, vulnerabilities, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), control exceptions, detection coverage and remediation performance.
-
Define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for security operations and control assurance.
-
Identify process inefficiencies, repeat incidents and control weaknesses, then lead improvement actions.
-
Maintain a forward view of emerging threats, technology changes and relevant good practice.
8. Leadership, coaching and stakeholder management
-
Coach colleagues on investigation quality, evidence standards, tooling, communication and risk-based decision-making.
-
Provide clear guidance to infrastructure, application, cloud, data protection, service desk and business teams.
-
Present security findings, risks and recommendations to technical and non-technical stakeholders.
-
Promote a constructive security culture focused on proportionate risk management and business enablement.
What We’re Looking For
Education:
-
Relevant professional certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or equivalent.
-
A degree, apprenticeship or professional training in cyber security, information security, computer science or a related discipline is desirable but not essential where equivalent experience can be demonstrated.
Experience:
The ideal candidate will have:
-
Typically, five or more years in cyber security operations, incident response, security engineering, assurance, infrastructure security or a comparable environment, or equivalent demonstrable experience.
-
Experience leading complex investigations, coordinating stakeholders, improving controls and presenting risk-based recommendations.
Skills:
Essential technical skills
-
Advanced security investigation using Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), endpoint protection, identity, email, web, network and cloud data.
-
Strong Data Loss Prevention (DLP) policy design, tuning, investigation and exception management.
-
Strong Multi-Factor Authentication (MFA) implementation, exception governance, conditional access and privileged access control.
-
Vulnerability management, secure configuration assessment and remediation prioritisation.
-
Incident command, evidence handling, root cause analysis and post-incident review.
-
Security architecture assurance for identity, endpoint, network, cloud, application and data protection controls.
-
Detection engineering and automation using scripts, queries or workflow tools where appropriate.
-
Understanding of control frameworks and standards, including the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF), National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), Center for Internet Security (CIS) Critical Security Controls and International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 27001.
Essential knowledge
-
Cyber security risk governance, control design and assurance principles.
-
Advanced incident response, including evidence preservation, decision logging, containment strategy and recovery planning.
-
Threat-informed defence, including common attack tactics, techniques, procedures and defensive control mapping.
-
Identity and access control principles, including privileged access, conditional access, authentication assurance and access recertification.
-
Data handling, information classification, privacy considerations and insider risk indicators.
-
Secure architecture principles for cloud, endpoint, network, application, logging and resilience controls.
Behavioural skills
-
Sound judgement, professional integrity and commitment to confidentiality.
-
Ability to prioritise under pressure and make proportionate, risk-based recommendations.
-
Strong written and verbal communication with the ability to explain complex issues clearly.
-
Constructive leadership style that develops capability and supports collaboration across technical and business teams.
-
Commitment to continual improvement and practical security outcomes.
Measures of success
-
Complex incidents are led effectively, with clear decisions, defensible evidence and timely corrective actions.
-
Security controls are improved through tuning, process enhancement, automation and measurable risk reduction.
-
Data Loss Prevention (DLP) and Multi-Factor Authentication (MFA) control performance is visible, governed and aligned to policy.
-
High-risk vulnerabilities and configuration weaknesses are prioritised and remediated using a risk-based approach.
-
Management reporting is clear, accurate and useful for decision-making.
-
Colleagues and stakeholders receive credible guidance that improves security capability and confidence.
Perks You’ll Love
-
Flexible time off
-
Health and wellness benefits (physical and mental)
-
Tuition reimbursement and career growth support
-
A workplace built for you: free gym, games room, prayer room
-
Subsidized meals, free coffee/tea
-
Employee stock options and incentive plans
-
A collaborative, innovative, and inclusive culture
Salary Range: $80,000 - $115,000 CAD (flexible).
Final compensation will be determined based on factors such as experience, skills, and qualifications. In line with our commitment to being a great place to work, Lumentum offers competitive total rewards which may include annual bonus, equity, and comprehensive health and welfare benefits.
Join a Team That’s Shaping the Future
At Lumentum, we’re more than just a workplace—we’re a launchpad for creativity and innovation. We’re committed to celebrating your unique talents and helping you grow. Our guiding principles—Innovate, Engage, Deliver, Excel, and Win—aren’t just words; they’re the heart of what we do.
Let’s Build a Brighter Future Together!
We’re committed to building an inclusive workplace where everyone feels valued and empowered. We welcome applicants from all backgrounds and provide accommodations for individuals with disabilities throughout the hiring process. Your uniqueness makes us stronger, sparks creativity, and drives our success.
Please contact us at [email protected] to request accommodation.
Join us—your future starts here!