Manager, Network Security

About The Position

Requirements

• 7+ years of progressive experience in network security, with at least 2 years in a lead or management capacity, in a cloud-native or hybrid environment.
• Demonstrated track record of building or maturing a network security program, including policy development, tooling evaluation, team building, and cross-functional stakeholder management.
• Direct experience with network security platforms such as Cloudflare (WAF, Workers, Rulesets, Terraform provider), Zscaler (ZIA, ZPA), Palo Alto, or equivalent tier-one solutions.
• Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD-driven infrastructure provisioning.
• Experience with leading teams that leverage agentic coding tools and workflows (Claude Code, Cursor, or equivalent) or demonstrated eagerness and aptitude to adopt them as a primary development methodology.
• Demonstrated ability to lead, develop, and hold accountable a technical engineering team, setting expectations, managing performance, and building a high-trust team culture.
• Deep expertise in network security fundamentals: firewall policy design, micro-segmentation, ZTNA, SD-WAN, DDoS mitigation, traffic analysis, DNS security, and certificate/PKI management.
• Thorough understanding of identity-aware network security—designing controls that authenticate and authorize not just users but services, workloads, and autonomous agents.
• Demonstrated ability to write clear, precise engineering specifications and technical documentation that can drive AI-assisted development workflows; comfortable operating on a distributed, async-first team where written clarity drives outcomes.
• Sound engineering judgment: able to evaluate software outputs for correctness, security implications, and maintainability; able to architect systems for reliability and observability.
• Strong cross-functional communication skills: able to translate network security requirements into actionable engineering work and influence peers across Security, SRE, and Platform teams.
• Proven ability to lead through ambiguity—comfortable inheriting an incomplete program, building structure around it, and navigating organizational transitions.

Nice To Haves

• Experience in fintech, banking, payments, or other regulated financial services environments (PCI-DSS, SOC 2, ISO 27001) strongly preferred.
• Preferred certifications: CCNP Security, PCNSE (Palo Alto), AWS Solutions Architect, AWS Certified Security, Cloudflare certifications, or equivalent. Relevant certifications are valued but not required if depth of hands-on experience is demonstrated.
• Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related technical field, or equivalent combination of education and experience.
• Experience building or overseeing real-time telemetry, monitoring, and threat detection pipelines for network traffic.
• Familiarity with agent-to-agent authentication, service mesh architectures, and securing AI/ML workload communications.
• Experience building or overseeing the integration of threat intelligence feeds and automating indicator-of-compromise enrichment into network defense workflows.
• Scripting ability (Python, Bash) for automation of network security tasks and log analysis.

Responsibilities

• Build, lead, and mentor a team of senior Network Security Software Engineers, including managing the hiring process, setting role expectations, and onboarding engineers into a newly established function.
• Define and continuously mature the network security program by establishing policies, standards, runbooks, and roadmaps for cloud infrastructure, corporate IT, and third-party connectivity; own network segmentation strategy across product and environment boundaries.
• Serve as the primary escalation point for architectural decisions and cross-functional scope disputes, maintaining clear lines of authority as the function establishes itself within the broader engineering organization.
• Partner with the Director of Risk Engineering to communicate program status, risk posture, and investment needs; contribute to security strategy reporting to senior leadership.
• Own Lumin's network security architecture strategy and change management model across cloud, SD-WAN, and ZTNA layers, designing identity-aware, policy-driven controls that secure both human and machine (agent) identities, and setting the standard for fully automated, audit-ready change delivery.
• Serve as the program-level authority for the team's network security tooling and automation initiatives, writing, reviewing, and iterating on engineering specifications that drive AI-assisted coding workflows; validating software outputs for correctness and security soundness, applying hands-on expertise that engineering tools alone cannot provide.
• Own the strategy for network-layer detection and response, including IDS/IPS management, firewall rule governance, WAF configuration, DDoS mitigation, and real-time telemetry, ensuring the SOC has high-fidelity, actionable network security signals.
• Serve as the network security subject matter expert for compliance audit and assessment activities; own network risk assessments, penetration test scoping, remediation tracking, and network diagram inventory across cloud and corporate environments.
• Embed network security requirements into SOC, SRE, and IT/Corporate Engineering workflows; manage third-party and vendor network connectivity to ensure all external connectivity meets security policy and compliance standards.
• Perform other duties as assigned.

Benefits

• Competitive salary
• Health insurance
• Dental insurance
• Vision insurance
• Paid holidays
• Paid volunteer time
• Professional development opportunities