×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Project Manager IT Support

Senior Manager, Information Security

Job in Bloomington, Hennepin County, Minnesota, USA
Listing for: Onto Innovation Inc.
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Project Manager, IT Support
Job Description & How to Apply Below
Senior Manager, Information Security page is loaded## Senior Manager, Information Security locations:
Bloomington-MN:
Wilmington-MA (Jonspin) time type:
Full time posted on:
Posted 3 Days Agojob requisition :
R-5281

Onto Innovation is a leader in process control, combining global scale with an expanded portfolio of leading-edge technologies that include: 3D metrology spanning the chip from nanometer-scale transistors to micron-level die-interconnects; macro defect inspection of wafers and packages; metal interconnect composition; factory analytics; and lithography for advanced semiconductor packaging. Our breadth of offerings across the entire semiconductor value chain helps our customers solve their most difficult yield, device performance, quality, and reliability issues.

Onto Innovation strives to optimize customers’ critical path of progress by making them smarter, faster and more efficient.
** Job Summary & Responsibilities
** The Senior Manager of Information Technology is responsible for IT governance, risk, compliance, and operational readiness across Onto Innovation’s global environment. Reporting to the Senior Director of IT and Security, this role leads regulatory compliance initiatives, cybersecurity posture management, incident response readiness, business continuity and disaster recovery programs, vulnerability management, vendor and partner risk management, and contributes to Onto’s multi-year IT and security strategy.##

Key Responsibilities ### Compliance & Governance
* Lead IT compliance programs aligned to ISO/IEC 27001, CMMC Level 2, SEMI E187, and SOX IT controls.
* Translate regulatory requirements into actionable policies, standards, procedures, and audit evidence.
* Drive audit readiness, internal assessments, remediation activities, and continuous compliance improvement.
* Partner with Legal, HR, Compliance, Finance, Facilities, Operations, Service, and Engineering teams on enterprise risk initiatives.### Cybersecurity Posture & Vulnerability Management
* Own and mature cybersecurity posture management practices across infrastructure, endpoints, and cloud services.
* Oversee vulnerability management programs, including risk-based prioritization, remediation tracking, and executive reporting.
* Partner with Infrastructure, Security Operations, and Engineering teams to reduce attack surface and improve resilience.
* Drive our IT Security program forward with a defense in depth and continuous improvement mindset.
* Continuously assess and validate security controls effectiveness and drive improvements based on threat intelligence and risk trends.### Incident Response & Readiness
* Own incident response planning and execution for IT and cybersecurity incidents.
* Design and lead tabletop exercises, purple team drills, and post-incident reviews.
* Maintain incident response playbooks, escalation paths, and executive communications.
* Drive continuous improvement through lessons learned and after-action reviews.### Business Continuity & Disaster Recovery
* Own and mature Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).
* Define and validate RTO/RPO objectives across hybrid on-prem and cloud environments.
* Lead and coordinate DR testing, recovery exercises, and continuous improvement efforts.### Vendor, Partner & Supply-Chain Risk Management
* Lead vendor, partner, and supply-chain IT and cybersecurity risk management programs.
* Define security requirements for vendors, contract manufacturers, and extended factory partners.
* Oversee onboarding assessments, remediation tracking, and ongoing risk reviews.
* Support vendor audits, security reviews, and contractual security obligations in partnership with Procurement and Legal.### Strategic Planning & Continuous Improvement
* Contribute to the development and execution of Onto’s 3-year IT and Security strategic roadmap.
* Apply a continuous improvement mindset to compliance, security posture, incident readiness, and resilience programs.
* Identify capability gaps, emerging risks, and investment priorities across people, process, and technology.
* Support annual planning, budgeting, and executive reporting tied to multi-year…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search