Manager, Network Security

Basic FunctionLumin Digital is standing up a dedicated Network Security function within its Risk Engineering group to protect a growing product suite that handles sensitive financial data across multiple product lines. This role exists because the landscape has shifted: in a cloud-native, infrastructure-as-code environment, network security is no longer about managing router ACLs—it is about designing identity-aware policy enforcement, automating end-to-end change management, and building real-time visibility into network activity across both workforce and hosted contexts.As the Manager, Network Security, you will set the technical direction, own the program, and ensure that the network security function operates as a genuine force multiplier for the business—breaking it out of the existing Security Engineering and SOC functions and building the specialization from the ground up. You will lead a team of engineers who combine deep network security expertise with hands-on software development skills, building automated, lights-off pipelines—using agentic development practices and tools like Claude Code—that turn around security changes faster, go deeper than port and protocol in our defense-in-depth story, and extend coverage to the agents our teams create, not just the people who create them.We are looking for a leader who will teach us what great network security looks like in a modern, highly automated fintech environment. Essential Functions and Responsibilities:Build, lead, and mentor a team of senior Network Security Software Engineers — owning the hiring process, setting role expectations, and onboarding engineers into a newly established function.Define and continuously mature the network security program — establishing policies, standards, runbooks, and roadmaps across cloud infrastructure, corporate IT, and third-party connectivity; own network segmentation strategy across product and environment boundaries.Serve as the primary escalation point for architectural decisions and cross-functional scope disputes — maintaining clear lines of authority as the function establishes itself within the broader engineering organization.Partner with the Director of Risk Engineering to communicate program status, risk posture, and investment needs; contribute to security strategy reporting to senior leadership.Own Lumin's network security architecture strategy and change management model across cloud, SD-WAN, and ZTNA layers — designing identity-aware, policy-driven controls that secure both human and machine (agent) identities, and setting the standard for fully automated, audit-ready change delivery.Serve as the program-level authority for the team's network security tooling and automation initiatives — writing, reviewing, and iterating on engineering specifications that drive AI-assisted coding workflows; validating software outputs for correctness and security soundness, applying hands-on expertise that engineering tools alone cannot provide.Own the strategy for network-layer detection and response — including IDS/IPS management, firewall rule governance, WAF configuration, DDoS mitigation, and real-time telemetry — ensuring the SOC has high-fidelity, actionable network security signals.Serve as the network security subject matter expert for compliance audit and assessment activities; own network risk assessments, penetration test scoping, remediation tracking, and network diagram inventory across cloud and corporate environments.Embed network security requirements into SOC, SRE, and IT/Corporate Engineering workflows; manage third-party and vendor network connectivity to ensure all external connectivity meets security policy and compliance standards.Perform other duties as assigned. Physical Demands:While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.Specific vision abilities required by this job include close vision.Ability to occasionally lift/move up to 25 pounds.Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department. Supervisory Responsibility:Directly manages a team of Network Security Software Engineers. Position Specifications Education:Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related technical field, or equivalent combination of education and experience.Preferred certifications: CCNP Security, PCNSE (Palo Alto), AWS Solutions Architect, AWS Certified Security, Cloudflare certifications, or equivalent. Relevant certifications are valued but not required if depth of hands-on experience is demonstrated. Experience:7+ years of progressive experience in network security, with at least 2 years in a lead or management capacity, in a cloud-native or hybrid environment.Demonstrated track record of building or maturing a network security program — including policy d