Chief Information Security Officer

San Francisco, California

 Lumentum
Apply for this Job

We are seeking a highly experienced and strategic Chief Information Security Officer to lead our cybersecurity program and safeguard Lumentum's digital assets. The ideal candidate will bring extensive hands-on experience in cybersecurity operations and be knowledgeable in U.S. SEC (Securities and Exchange Commission) regulations and other relevant compliance frameworks. This leadership role requires a proactive approach to cybersecurity risk management, continuous improvement in defense strategies, and the ability to align the security posture with the organization's business objectives.

Key Responsibilities:

  • Strategic Leadership:
  • Lead the development and implementation of cybersecurity strategy in alignment with business goals and regulatory requirements.
  • Collaborate with executive leadership to ensure cybersecurity initiatives support the overall risk management strategy.
  • Ensure adherence to all cybersecurity policies, standards, and procedures while fostering a culture of security awareness.
  • Operational Oversight:
  • Oversee day-to-day cybersecurity operations, including threat detection, vulnerability management, incident response, and security operations center (SOC) activities.
  • Direct the development and execution of technical security controls, including firewalls, encryption, and access control mechanisms.
  • Manage and optimize tools for monitoring, detection, and prevention of threats to ensure a resilient security infrastructure.
  • Compliance & Regulatory Adherence:
  • Ensure compliance with U.S. SEC regulations related to cybersecurity disclosures, incident reporting, and governance practices.
  • Lead audits, assessments, and remediation efforts related to regulatory frameworks such as SOX, NIST, ISO 27001, GDPR, and CCPA.
  • Advise executive leadership on evolving SEC cybersecurity guidelines and their implications for corporate governance and financial reporting.
  • Risk Management:
  • Conduct ongoing risk assessments, identify vulnerabilities, and lead efforts to mitigate risks that could impact the organization's operations, reputation, and compliance.
  • Collaborate with the enterprise risk management team to prioritize cybersecurity risks in alignment with broader business risks.
  • Develop and oversee business continuity and disaster recovery plans with a focus on cyber resilience.
  • Incident Response & Forensics:
  • Lead incident response strategy, ensuring swift and effective resolution of cyber threats and breaches.
  • Coordinate investigations, root cause analysis, and post-incident reviews to prevent future occurrences and strengthen defensive postures.
  • Team Leadership & Development:
  • Build and manage a high-performing cybersecurity team, fostering a culture of continuous learning, innovation, and collaboration.
  • Provide mentorship, training, and career development opportunities to ensure the team stays at the forefront of cybersecurity trends and technologies.
  • Cultivate strong partnerships across IT, legal, compliance, and other business units to ensure an integrated security approach.
  • Vendor & Third-Party Management:
  • Evaluate and manage relationships with cybersecurity vendors, service providers, and partners.
  • Ensure that third-party products and services meet the organization's security standards and integrate seamlessly into the existing security architecture.

Qualifications:

  • Bachelor's degree in Information Security, Computer Science, or related field; Master's degree preferred.
  • Minimum of 10 years of progressive experience in cybersecurity, with at least 5 years in a CISO leadership role.
  • Extensive hands-on experience with security technologies, including firewalls, IDS/IPS, encryption, SIEM, and endpoint protection.
  • In-depth knowledge of U.S. SEC cybersecurity regulations and compliance requirements, including incident disclosure and risk governance.
  • Experience with frameworks such as NIST, ISO 27001, and SOX, as well as familiarity with GDPR and CCPA.
  • Proven track record of managing complex cybersecurity programs in large organizations or highly regulated industries.
  • Strong understanding of current and emerging cybersecurity threats, vulnerabilities, and mitigation strategies.
  • Exceptional leadership and team-building skills with the ability to lead cross-functional teams.
  • Strong analytical and problem-solving abilities, with a focus on strategic and long-term planning.
  • Relevant certifications such as CISSP, CISM, CISA, or equivalent.

Preferred Skills:

  • Experience with cloud security (AWS, Azure, or GCP).
  • Previous experience working with public companies or organizations in highly regulated industries.
  • Familiarity with artificial intelligence (AI) and machine learning (ML) security applications

Date Posted: 02 May 2025
Apply for this Job
Show me similar jobs
Send me jobs by email