Senior Manager, Information Security jobs in United States

Onto Innovation · 1 day ago

Senior Manager, Information Security

Onto Innovation is a leader in process control, specializing in advanced technologies for the semiconductor industry. The Senior Manager of Information Security is responsible for IT governance, risk management, compliance, and operational readiness, leading initiatives in cybersecurity and incident response across the company's global operations.

3D Technology, Manufacturing, Semiconductor
H1B Sponsor Likely

Responsibilities

Lead IT compliance programs aligned to ISO/IEC 27001, CMMC Level 2, SEMI E187, and SOX IT controls
Translate regulatory requirements into actionable policies, standards, procedures, and audit evidence
Drive audit readiness, internal assessments, remediation activities, and continuous compliance improvement
Partner with Legal, HR, Compliance, Finance, Facilities, Operations, Service, and Engineering teams on enterprise risk initiatives
Own and mature cybersecurity posture management practices across infrastructure, endpoints, and cloud services
Oversee vulnerability management programs, including risk-based prioritization, remediation tracking, and executive reporting
Partner with Infrastructure, Security Operations, and Engineering teams to reduce attack surface and improve resilience
Drive our IT Security program forward with a defense in depth and continuous improvement mindset
Continuously assess and validate security controls effectiveness and drive improvements based on threat intelligence and risk trends
Own incident response planning and execution for IT and cybersecurity incidents
Design and lead tabletop exercises, purple team drills, and post-incident reviews
Maintain incident response playbooks, escalation paths, and executive communications
Drive continuous improvement through lessons learned and after-action reviews
Own and mature Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
Define and validate RTO/RPO objectives across hybrid on-prem and cloud environments
Lead and coordinate DR testing, recovery exercises, and continuous improvement efforts
Lead vendor, partner, and supply-chain IT and cybersecurity risk management programs
Define security requirements for vendors, contract manufacturers, and extended factory partners
Oversee onboarding assessments, remediation tracking, and ongoing risk reviews
Support vendor audits, security reviews, and contractual security obligations in partnership with Procurement and Legal
Contribute to the development and execution of Onto’s 3-year IT and Security strategic roadmap
Apply a continuous improvement mindset to compliance, security posture, incident readiness, and resilience programs
Identify capability gaps, emerging risks, and investment priorities across people, process, and technology
Support annual planning, budgeting, and executive reporting tied to multi-year strategy
Operate within an Agile, globally distributed IT organization
Develop metrics, dashboards, and executive reporting for compliance, cybersecurity posture, and operational readiness
Influence cross-functional teams through collaboration, leadership, and subject-matter expertise

Qualification

ISO 27001, CMMC Level 2, SOX IT controls, Cybersecurity posture management, Vulnerability management, Incident response, Business Continuity Planning, Disaster Recovery Planning, Vendor risk management, Executive communication, Stakeholder management, Continuous improvement mindset, Operational discipline, Collaboration

Required

10+ years of progressive experience in IT leadership, cybersecurity, or enterprise risk management
Demonstrated leadership of ISO 27001, CMMC Level 2, and SOX IT control programs
Experience contributing to multi-year (3+ year) IT or security strategic planning and roadmaps
Hands-on experience with cybersecurity posture management and vulnerability management programs
Strong understanding of incident response, BCP/DRP, and operational resilience in hybrid IT environments
Experience managing vendors, partners, and supply-chain IT/security risk
Strong executive communication, stakeholder management, and continuous improvement mindset

Preferred

Experience with SEMI E187/E188 or manufacturing-focused frameworks
Familiarity with NIST CSF, NIST 800-53, or NIST 800-171
Experience supporting global operations across North America, Europe, and APAC
Background in semiconductor, advanced manufacturing, or IP-sensitive industries
Experience translating strategy into measurable OKRs, KPIs, and risk metrics

Benefits

Health, dental, and vision coverage
Life and disability insurance
PTO
401(k) with employer match
Employee Stock Purchase Program (ESPP)
Wellness initiatives

Company

Onto Innovation

Onto Innovation stands alone in process control with our unique perspective across the semiconductor value chain.

H1B Sponsorship

Onto Innovation has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart not shown)
Trends of Total Sponsorships
2025 (16)
2024 (26)
2023 (12)
2022 (18)
2021 (13)
2020 (20)

Funding

Current Stage: Public Company
Total Funding: unknown
1999-11-12: IPO

Leadership Team

Chris Seams
Chairman Of The Board
Company data provided by crunchbase