Chief Information Security Officer (CISO)

We are seeking a highly experienced and strategic Chief Information Security Officer to lead our cybersecurity program and safeguard Lumentum's digital assets. The ideal candidate will bring extensive hands-on experience in cybersecurity operations and be knowledgeable in U.S. SEC (Securities and Exchange Commission) regulations and other relevant compliance frameworks. This leadership role requires a proactive approach to cybersecurity risk management, continuous improvement in defense strategies, and the ability to align the security posture with the organization's business objectives.

Key Responsibilities:

• Strategic Leadership:
• Lead the development and implementation of cybersecurity strategy in alignment with business goals and regulatory requirements.
• Collaborate with executive leadership to ensure cybersecurity initiatives support the overall risk management strategy.
• Ensure adherence to all cybersecurity policies, standards, and procedures while fostering a culture of security awareness.
• Operational Oversight:
• Oversee day-to-day cybersecurity operations, including threat detection, vulnerability management, incident response, and security operations center (SOC) activities.
• Direct the development and execution of technical security controls, including firewalls, encryption, and access control mechanisms.
• Manage and optimize tools for monitoring, detection, and prevention of threats to ensure a resilient security infrastructure.
• Compliance & Regulatory Adherence:
• Ensure compliance with U.S. SEC regulations related to cybersecurity disclosures, incident reporting, and governance practices.
• Lead audits, assessments, and remediation efforts related to regulatory frameworks such as SOX, NIST, ISO 27001, GDPR, and CCPA.
• Advise executive leadership on evolving SEC cybersecurity guidelines and their implications for corporate governance and financial reporting.
• Conduct ongoing risk assessments, identify vulnerabilities, and lead efforts to mitigate risks that could impact the organization's operations, reputation, and compliance.
• Collaborate with the enterprise risk management team to prioritize cybersecurity risks in alignment with broader business risks.
• Develop and oversee business continuity and disaster recovery plans with a focus on cyber resilience.
• Lead incident response strategy, ensuring swift and effective resolution of cyber threats and breaches.
• Coordinate investigations, root cause analysis, and post-incident reviews to prevent future occurrences and strengthen defensive postures.
• Build and manage a high-performing cybersecurity team, fostering a culture of continuous learning, innovation, and collaboration.
• Provide mentorship, training, and career development opportunities to ensure the team stays at the forefront of cybersecurity trends and technologies.
• Cultivate strong partnerships across IT, legal, compliance, and other business units to ensure an integrated security approach.
• Vendor & Third-Party Management:
• Evaluate and manage relationships with cybersecurity vendors, service providers, and partners.
• Ensure that third-party products and services meet the organization's security standards and integrate seamlessly into the existing security architecture.

Qualifications:

• Bachelor's degree in Information Security, Computer Science, or related field; Master's degree preferred.
• Minimum of 10 years of progressive experience in cybersecurity, with at least 5 years in a leadership or senior management role.
• Extensive hands-on experience with security technologies, including firewalls, IDS/IPS, encryption, SIEM, and endpoint protection.
• In-depth knowledge of U.S. SEC cybersecurity regulations and compliance requirements, including incident disclosure and risk governance.
• Experience with frameworks such as NIST, ISO 27001, and SOX, as well as familiarity with GDPR and CCPA.
• Proven track record of managing complex cybersecurity programs in large organizations or highly regulated industries.
• Strong understanding of current and emerging cybersecurity threats, vulnerabilities, and mitigation strategies.
• Exceptional leadership and team-building skills with the ability to lead cross-functional teams.
• Strong analytical and problem-solving abilities, with a focus on strategic and long-term planning.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent.

Preferred Skills:

• Experience with cloud security (AWS, Azure, or GCP).
• Previous experience working with public companies or organizations in highly regulated industries.
• Familiarity with artificial intelligence (AI) and machine learning (ML) security applications