Jobs · Information Technology · Oregon

Director of Information Security

Gigascale Capital · Portland, OR · 6 days ago
Information Technology$200k–$275k/yrFull-time

Responsibilities

  • Own the technical roadmap for information security across Panthalassa’s corporate, cloud, and enterprise systems environments
  • Design and implement security architecture for identity, endpoint, network, SaaS, and cloud systems, with a focus on secure-by-default standards
  • Scale and mature practical security guardrails into engineering and operational workflows, including source control, CI/CD, infrastructure as code, secrets management, logging, and access reviews
  • Partner with IT and infrastructure teams to harden corporate networks, cloud environments, endpoints, and collaboration systems
  • Define and implement identity and access management patterns, including SSO, MFA, role-based access controls, privileged access workflows, and lifecycle management
  • Lead vulnerability management across internal systems and applications, including scanner tuning, prioritization, remediation guidance, and verification of fixes
  • Establish detection and response capabilities appropriate for the company’s scale, including telemetry strategy, alerting, incident playbooks, and forensic readiness
  • Secure enterprise systems and the digital thread that support engineering release, manufacturing, supply chain, and operations
  • Build lightweight, durable security policies and standards that are aligned with how the company actually works
  • Create clear documentation, runbooks, and training that raise the security baseline across the company
  • Serve as a senior technical advisor during security incidents and significant operational events

Requirements

  • 8+ years of experience in security engineering, infrastructure security, platform security, or a closely related domain
  • Strong hands-on experience securing cloud and enterprise environments, including identity, networking, endpoints, SaaS, and logging/monitoring systems
  • Experience building and operating security controls in modern engineering environments, including CI/CD pipelines, source control platforms, infrastructure as code, and developer tooling
  • Deep knowledge of identity and access management, including SSO, MFA, RBAC, provisioning/deprovisioning, and privileged access design
  • Prominent experience leading vulnerability management and remediation programs in a fast-moving engineering environment
  • Ability to move fluidly between strategic planning and hands-on execution

Qualifications

  • Experience as a founding or early security hire at a scaling startup
  • Familiarity with security requirements relevant to enterprise infrastructure, including SOC 2 and ISO 27001 control environments
  • Experience with zero trust architecture, device trust, and modern endpoint management
  • Familiarity with cloud security tooling, SIEM/log pipelines, EDR, MDM, and infrastructure policy enforcement
  • Familiarity with secure software supply chain controls, including artifact integrity, dependency management, and secrets detection
  • Experience evaluating and securing enterprise systems such as PLM, ERP, MRP, MES, QMS, and related integrations
  • Experience with incident response, threat modeling, tabletop exercises, and security reviews for critical vendors
  • Experience working in highly regulated, high-consequence, or mission-critical industries such as aerospace, defense, energy, robotics, or advanced manufacturing

Similar jobs

Director of Information Security

Bowie State UniversityPrince George's County, MD· 2 wk ago
Information Technology$140k–$150k/yrapply on marylandconnect.wd1.myworkdayjobs.com