Cybersecurity Manager

About the Role at Lumenalta

We are seeking a seasoned Cybersecurity Manager with a proven ability to drive organizational change and safeguard our long-term success. In this role, you will lead risk assessment and communication strategies for software and infrastructure vulnerabilities while working cross-functionally to detect, prioritize, and remediate risks. You will also optimize the vulnerability management lifecycle through advanced continuous scanning and rigorous patch management.

What You'll Be Doing

• Manage operational security controls, risk, and governance frameworks, and InfoSec principles to ensure the confidentiality, integrity, and availability of all data assets.
• Identify emerging threats and vulnerabilities, implementing appropriate countermeasures and mitigations through advanced detection technologies and governance frameworks.
• Provide subject matter expertise to internal stakeholders and collaborate with security partners to stay ahead of industry technologies and evolving threats.
• Remove team impediments by working collaboratively with stakeholders to proactively manage risks, issues, or delays.
• Deliver the InfoSec technology roadmap, ensuring all regulatory obligations (such as DPA, GDPR, PCI DSS, SOC1/2, and ISO27001) are met in line with industry best practices.
• Shape ongoing cybersecurity strategy and oversee comprehensive programs for vulnerability and patch management.
• Define and review key security performance indicators and develop reports for management updates using program performance metrics.
• Build, develop, and maintain cybersecurity policies and processes while optimizing tools to respond to future security threats.
• Analyze security data continuously to detect external and internal threats and prepare the business for seamless "Go Live" events.

What We’re Looking For

Experience: 5–8+ years in cybersecurity with demonstrated ownership of production systems at scale.Technical Skills: Strong working knowledge of AWS security services (Security Hub, Control Tower, Organizations, SCPs, IAM) and AI/ML tools like Macie and Guard Duty.Risk & Compliance: Deep understanding of risk assessment methodologies and compliance requirements, including DPA, GDPR, PCI DSS, SOC1/2, and ISO27001.Leadership: A proven track record of mentoring engineers, driving technical decisions, and raising team-wide standards.Communication: Ability to effectively convey complex technical information to non-technical stakeholders and executives through reports, policies, and training.Adaptability: Comfortable navigating ambiguity and leading through rapid iteration cycles.Third-Party Management: Experience managing third-party suppliers and maintaining corporate awareness of current InfoSec issues.

Desirable Qualifications

• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)

Location

This is a fully remote position; however, candidates must be based in Europe or in compatible time zones.

Application Deadline

This role is an evergreen position with no predetermined start date. Applications will be accepted until March 29, 2026. As we continue to build our talent pipeline, the position may be reposted to allow us to connect with additional qualified professionals.

Key skills/competency

• Cybersecurity Strategy
• Vulnerability Management
• Risk Assessment
• AWS Security Services
• Regulatory Compliance
• InfoSec Governance
• Threat Detection
• Patch Management
• Security Policy Development
• Leadership & Mentoring