Information Security & GRC Director

Lightmatter is leading the revolution in AI data center infrastructure, enabling the next giant leaps in human progress. The company invented the world’s first 3D-stacked photonics engine, Passage™, capable of connecting thousands to millions of processors at the speed of light in extreme-scale data centers for the most advanced AI and HPC workloads.

Lightmatter raised $400 million in its Series D round, reaching a valuation of $4.4 billion. We will continue to accelerate the development of data center photonics and grow every department at Lightmatter!

If you're passionate about tackling complex challenges, making an impact, and being an expert in your craft, join our team of brilliant scientists, engineers, and accomplished industry leaders.

Lightmatter is (re)inventing the future of computing with light!

This role will be responsible for all security and compliance strategies and policies, and will help drive a risk-based approach to securing our systems. We’re looking for a security and GRC expert to build a world-class security program and keep Lightmatter safe, secure, and compliant.

Responsibilities:

• Develop and lead a comprehensive information security and risk management program, including policies, standards, procedures, and controls to mitigate risk and ensure compliance with industry regulations.
• Oversee regular security assessments (vulnerability scanning, penetration testing, and audits) to identify and address security gaps and maintain a strong security posture.
• Collaborate cross-functionally to ensure consistent security policies and standards are applied across all projects and initiatives.
• Serve as the subject matter expert and primary point of contact for information security, representing the company to internal and external stakeholders.
• Keep abreast of emerging threats, vulnerabilities, and security technologies to adapt the security program proactively.
• Develop and deliver security awareness training programs.
• Oversee incident response planning and execution.
• Manage security budgets and resources effectively.
• Establish and maintain strong relationships with key vendors and partners.

Qualifications:

• Bachelor's degree in a technical or business field.
• 10+ years of progressive experience in information security, IT risk management, and/or IT compliance.
• Strong knowledge of IT risk management methodologies and processes.
• In-depth knowledge of security frameworks, standards, and best practices (ISO/IEC 27001, NIST, SOX, CMMC/NIST).
• Proven track record of building and implementing successful security programs.
• Familiarity with cloud security concepts and technologies.

Preferred Qualifications:

• Master's degree is preferred.
• Infosec certification (CISA, CISM, CISSP, CRISC, or similar).
• ITIL/ITSM certification
• Experience working closely with IT departments
• Experience building infosec and GRC programs from the ground up.
• Excellent communication, interpersonal, and presentation skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences.

We offer competitive compensation. The base salary range for this role determined based on location, experience, educational background, and market data.

Salary Range$225,000—$260,000 USD

Benefits

• Comprehensive Health Care Plan (Medical, Dental & Vision)
• Retirement Savings Matching Program
• Life Insurance (Basic, Voluntary & AD&D)
• Generous Time Off (Vacation, Sick & Public Holidays)
• Paid Family Leave
• Short Term & Long Term Disability
• Training & Development
• Commuter Benefits
• Flexible, hybrid workplace model
• Equity grants

Lightmatter recruits, employs, trains, compensates, and promotes regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law.

Export Control

Candidates should have capacity to comply with the federally mandated requirements of U.S. export control laws.