Senior Director, Information Security
Chandler, Arizona, United States of America
Full Time
8 hours ago
Visa Sponsor
Key skills
CloudCyber SecurityFirewallsIoTAISaaSLeadershipRisk ManagementRemote WorkPenetration TestingNetwork SecurityCloud SecurityZero Trust
About this role
Role Overview
- Define and execute the company’s global information and cybersecurity strategy aligned with business objectives, risk appetite, and growth plans.
- Serve as the primary cybersecurity advisor to the CIO, executive leadership team, and Board of Directors on cyber resilience, threat landscape, and program maturity.
- Partner with the CTO, CIO, CFO, General Counsel, and other senior leaders to align security investments with enterprise strategy, product direction, and operational priorities.
- Embed security into VIAVI’s products and AI initiatives, extending secure-by-design principles to hardware, firmware, and software offerings.
- Champion a security-first culture across VIAVI’s global workforce through training, clear policies, and executive engagement.
- Lead enterprise-wide security governance, policy development, standards, and oversight mechanisms.
- Own and maintain the enterprise cyber risk register, including identification, prioritization, treatment, and reporting of material information security risks.
- Establish and maintain security programs aligned to leading frameworks and regulatory requirements, including ISO 27001, CMMC/DFARS, FedRAMP, EU CRA, UK CEP, and other applicable standards.
- Develop metrics and reporting to assess security program effectiveness, risk reduction, compliance status, and operational maturity.
- Establish and lead a comprehensive third-party cybersecurity risk management program to assess, monitor, and mitigate risks associated with vendors, cloud providers, SaaS platforms, outsourced service providers, and strategic technology partners.
- Lead security operations across monitoring, detection, triage, escalation, containment, and remediation activities.
- Oversee and optimize the company’s use of SIEM, DLP, endpoint security, vulnerability management, attack surface management, zero trust, SSE and related technologies.
- Ensure strong cloud security architecture and operations, including identity and access management, network security, logging, data encryption, secrets management, posture management, and cloud-native controls.
- Own and continuously test the company’s incident response plan, playbooks, escalation procedures, stakeholder communications, and cyber incident preparedness through executive tabletop exercises, cross-functional simulations, and lessons-learned remediation.
- Direct crisis response during security incidents and ensure effective executive communications and stakeholder coordination.
- Oversee coordination of business continuity and disaster recovery planning in partnership with IT and business leaders.
- Embed security into the software development lifecycle by partnering with Engineering, Product, and DevOps teams on Threat modeling, Secure design & coding practices, Vulnerability remediation, Penetration testing, and Secure release processes.
- Ensure security is designed into the company’s products, platforms, and AI initiatives, with appropriate controls for data protection, model security, access governance, and responsible use.
Requirements
- 15+ years of experience in information security, cybersecurity, risk management, or IT leadership roles, with at least 5+ years in senior security leadership positions.
- Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related discipline; Master’s degree preferred.
- Proven success building, transforming, or maturing security programs in high-growth, global technology environments, including establishing a Security Operations Center.
- Deep understanding of information security frameworks, technologies, and architectures, including cloud security, data protection, network security, and enterprise identity.
- Experience/knowledge of the following technologies such as SIEM tools, DLP, Firewalls, EDR technologies, VPNs, authentication tools, etc.
- Experience with ISO 27001, CMMC, FedRAMP, ITAR/EAR, and related compliance or regulatory environments.
- Background in industrial technology, hardware/IoT security, manufacturing, defense, aerospace, or government-regulated sectors.
- Professional certifications such as CISSP, CCISO, or equivalent is desirable.
Tech Stack
- Cloud
- Cyber Security
- Firewalls
- IoT
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Remote work options