Lumentum
Senior IT Security Analyst

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
Role purpose
The postholder provides advanced technical security analysis, leads complex investigations, improves the maturity of security controls and advises stakeholders on cyber risk. The role combines hands-on security operations with control ownership, specialist guidance, assurance and continual improvement.
Role scope and level
Senior technical practitioner with authority to lead complex operational security work within agreed governance.
- Responsible for risk-based recommendations, improvement of procedures and subject-matter advice for incidents, vulnerabilities, identity controls, data protection and security tooling.
- Expected to coach colleagues, influence technical teams and translate threat, control and risk information into clear management updates.
- Focuses on control maturity, assurance quality, repeatable processes and measurable reduction of cyber security risk.
Key responsibilities
Security operations leadership
- Lead complex security investigations across endpoint, network, identity, email, cloud and application data sources.
- Define triage criteria, alert handling standards, escalation paths and quality checks for security operations.
- Review high-impact alerts and incidents, ensure proportional response and remove barriers to containment and remediation.
- Develop and improve detection logic, playbooks, dashboards and operational procedures.
Incident response leadership
- Coordinate response to significant cyber security incidents in line with the incident management process.
- Lead technical analysis for malware, phishing, credential compromise, insider risk, data exposure, privilege misuse and suspicious network activity.
- Ensure evidence handling, incident timelines, decisions, lessons learned and remediation actions are complete and auditable.
- Produce post-incident reviews and track corrective actions through to closure.
Risk, governance and assurance
- Translate technical findings into risk statements, control weaknesses and prioritised remediation plans.
- Support risk assessment, risk acceptance, audit and assurance activity with clear evidence and professional judgement.
- Advise on relevant information security legislation.
- Contribute to security standards, control testing, supplier assurance and management reporting.
Data Loss Prevention and Multi-Factor Authentication control ownership
- Own or act as technical lead for Data Loss Prevention (DLP) monitoring, rule tuning, alert quality, exception handling and escalation.
- Own or act as technical lead for Multi-Factor Authentication (MFA) control performance, exception governance, break-glass account checks, privileged access enforcement and conditional access design.
- Analyse Data Loss Prevention (DLP) and Multi-Factor Authentication (MFA) trends to identify control gaps, user behaviour issues, data handling risks and improvement opportunities.
- Ensure control documentation, operating procedures and evidence packs are complete, current and aligned to policy.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Vulnerability, threat and configuration management
- Lead vulnerability prioritisation using exploitability, asset criticality, exposure and business impact.
- Challenge and support remediation plans for high-risk vulnerabilities, insecure configurations and unsupported systems.
- Develop recurring reporting on vulnerability trends, control gaps and remediation performance.
- Use threat intelligence to improve detection, hardening and risk prioritisation.
Security architecture and technical assurance
- Review proposed changes, projects and new services for security risks and control requirements.
- Advise on secure design for identity, endpoint, network, cloud, logging, data protection and resilience controls.
- Validate that logging, monitoring, access control, encryption, backup and recovery requirements are included in project delivery.
- Recommend improvements to security tooling and integration, including automation where proportionate.
Metrics, reporting and continual improvement
- Produce clear management information on incidents, vulnerabilities, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), control exceptions, detection coverage and remediation performance.
- Define Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for security operations and control assurance.
- Identify process inefficiencies, repeat incidents and control weaknesses, then lead improvement actions.
- Maintain a forward view of emerging threats, technology changes and relevant good practice.
Leadership, coaching and stakeholder management
- Coach colleagues on investigation quality, evidence standards, tooling, communication and risk-based decision-making.
- Provide clear guidance to infrastructure, application, cloud, data protection, service desk and business teams.
- Present security findings, risks and recommendations to technical and non-technical stakeholders.
- Promote a constructive security culture focused on proportionate risk management and business enablement.
Required Knowledge, Skills And Experience
Essential technical skills
- Advanced security investigation using Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), endpoint protection, identity, email, web, network and cloud data.
- Strong Data Loss Prevention (DLP) policy design, tuning, investigation and exception management.
- Strong Multi-Factor Authentication (MFA) implementation, exception governance, conditional access and privileged access control.
- Vulnerability management, secure configuration assessment and remediation prioritisation.
- Incident command, evidence handling, root cause analysis and post-incident review.
- Security architecture assurance for identity, endpoint, network, cloud, application and data protection controls.
- Detection engineering and automation using scripts, queries or workflow tools where appropriate.
- Understanding of control frameworks and standards, including the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF), National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), Center for Internet Security (CIS) Critical Security Controls and International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 27001.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Essential knowledge
- Cyber security risk governance, control design and assurance principles.
- Advanced incident response, including evidence preservation, decision logging, containment strategy and recovery planning.
- Threat-informed defence, including common attack tactics, techniques, procedures and defensive control mapping.
- Identity and access control principles, including privileged access, conditional access, authentication assurance and access recertification.
- Data handling, information classification, privacy considerations and insider risk indicators.
- Secure architecture principles for cloud, endpoint, network, application, logging and resilience controls.
Experience And Qualifications
- Typically five or more years in cyber security operations, incident response, security engineering, assurance, infrastructure security or a comparable environment, or equivalent demonstrable experience.
- Experience leading complex investigations, coordinating stakeholders, improving controls and presenting risk-based recommendations.
- Relevant professional certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or equivalent.
- A degree, apprenticeship or professional training in cyber security, information security, computer science or a related discipline is desirable but not essential where equivalent experience can be demonstrated.
Behavioural skills
- Sound judgement, professional integrity and commitment to confidentiality.
- Ability to prioritise under pressure and make proportionate, risk-based recommendations.
- Strong written and verbal communication with the ability to explain complex issues clearly.
- Constructive leadership style that develops capability and supports collaboration across technical and business teams.
- Commitment to continual improvement and practical security outcomes.
Measures of success
- Complex incidents are led effectively, with clear decisions, defensible evidence and timely corrective actions.
- Security controls are improved through tuning, process enhancement, automation and measurable risk reduction.
- Data Loss Prevention (DLP) and Multi-Factor Authentication (MFA) control performance is visible, governed and aligned to policy.
- High-risk vulnerabilities and configuration weaknesses are prioritised and remediated using a risk-based approach.
- Management reporting is clear, accurate and useful for decision-making.
- Colleagues and stakeholders receive credible guidance that improves security capability and confidence.
We are an equal opportunity employer and value diversity at our company.
We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Please contact us to request accommodation.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills