Sr. Director Information Security
VIAVI Solutions · Chandler, AZ · 4 wk ago
HybridInformation TechnologyFull-time
Duties & Responsibilities
- Define and execute the company’s global information and cybersecurity strategy aligned with business objectives, risk appetite, and growth plans.
- Serve as the primary cybersecurity advisor to the CIO, executive leadership team, and Board of Directors on cyber resilience, threat landscape, and program maturity.
- Partner with the CTO, CIO, CFO, General Counsel, and other senior leaders to align security investments with enterprise strategy, product direction, and operational priorities.
- Embed security into VIAVI’s products and AI initiatives, extending secure-by-design principles to hardware, firmware, and software offerings.
- Champion a security-first culture across VIAVI’s global workforce through training, clear policies, and executive engagement.
Security Governance, Risk and Compliance
- Lead enterprise-wide security governance, policy development, standards, and oversight mechanisms.
- Own and maintain the enterprise cyber risk register, including identification, prioritization, treatment, and reporting of material information security risks.
- Establish and maintain security programs aligned to leading frameworks and regulatory requirements, including ISO 27001, CMMC/DFARS, FedRAMP, EU CRA, UK CEP, and other applicable standards.
- Develop metrics and reporting to assess security program effectiveness, risk reduction, compliance status, and operational maturity.
- Establish and lead a comprehensive third-party cybersecurity risk management program to assess, monitor, and mitigate risks associated with vendors, cloud providers, SaaS platforms, outsourced service providers, and strategic technology partners.
Security Operations, Incident Management & Business Continuity
- Lead security operations across monitoring, detection, triage, escalation, containment, and remediation activities.
- Oversee and optimize the company’s use of SIEM, DLP, endpoint security, vulnerability management, attack surface management, zero trust, SSE and related technologies.
- Ensure strong cloud security architecture and operations, including identity and access management, network security, logging, data encryption, secrets management, posture management, and cloud-native controls.
- Own and continuously test the company’s incident response plan, playbooks, escalation procedures, stakeholder communications, and cyber incident preparedness through executive tabletop exercises, cross-functional simulations, and lessons-learned remediation.
- Direct crisis response during security incidents and ensure effective executive communications and stakeholder coordination.
- Oversee coordination of business continuity and disaster recovery planning in partnership with IT and business leaders.
Product and AI security
- Embed security into the software development lifecycle by partnering with Engineering, Product, and DevOps teams on Threat modeling, Secure design & coding practices, Vulnerability remediation, Penetration testing, and Secure release processes.
- Ensure security is designed into the company’s products, platforms, and AI initiatives, with appropriate controls for data protection, model security, access governance, and responsible use.
Pre-Requisites / Skills / Experience
- Required Qualifications:
- 15+ years of experience in information security, cybersecurity, risk management, or IT leadership roles, with at least 5+ years in senior security leadership positions.
- Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related discipline; Master’s degree preferred.
- Proven success building, transforming, or maturing security programs in high-growth, global technology environments, including establishing a Security Operations Center.
- Deep understanding of information security frameworks, technologies, and architectures, including cloud security, data protection, network security, and enterprise identity.
- Experience/knowledge of the following technologies such as SIEM tools, DLP, Firewalls, EDR technologies, VPNs, authentication tools, etc.
- Experience with ISO 27001, CMMC, FedRAMP, ITAR/EAR, and related compliance or regulatory environments.
- Background in industrial technology, hardware/IoT security, manufacturing, defense, aerospace, or government-regulated sectors.
- Professional certifications such as CISSP, CCISO, or equivalent is desirable.
About the role
- VIAVI is a company with a 90+ year history of technical innovations that have evolved to keep pace and address our customer’s most pressing business issues.
- We make equipment, software, and systems that help to plan, deploy, certify, monitor, and optimize all kinds of networks - like those for mobile phones, service providers, large businesses and data centers.
- We are also a leader in high performance thin film optical coatings and engineered diffusers, providing light management solutions to anti-counterfeiting, consumer electronics, automotive, defense and instrumentation markets.
- We are the people behind the products that help keep the world connected – at home, school, work, at play, and everywhere in between.
- VIAVI employees are fierce about supporting customer success and we welcome people who bring their best every day to the company - to question, to collaborate and to push for solutions that will delight our customers.