
Director of IT Security

Job in Irvine, Orange County, California, 92713, USA
Listing for: AVEVA Denmark
Full Time position
Listed on 2026-05-31
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 137500 - 229500 USD Yearly
Job Description & How to Apply Below

Overview

ETAP empowers customers to make informed decisions throughout the lifecycle of their projects with innovative software solutions for electrical systems. By applying ETAP solutions, customers experience continuous intelligence during design, engineering, operations, and maintenance using a unified electrical digital twin platform. ETAP supports customers in their digital transformation and sustainable energy transitions for a green and smart future, helping them prioritize safety, maximize reliability, and stay resilient.

ETAP is an Equal Opportunity Employer.

Position Summary

The Director of IT Security serves as the company’s security hub and “quarterback”—aligning IT, Engineering/R&D, Quality, Legal, and business leadership around a clear security strategy, and coordinating end‑to‑end delivery across teams that may not sit within a dedicated security organization. The role drives prioritization, establishes clear ownership, and coordinates end‑to‑end security operations, keeping execution moving (risk management, incidents, audits, vendor/security reviews, and training), and provides timely visibility to leadership on posture, gaps, and remediation progress.

The Director owns and coordinates security obligations tied to the National Security Agreement and related federal/customer requirements, ensuring audit readiness, documentation, and evidence management while maintaining operational efficiency.

Key Outcomes
  • A practical security program that scales with clear priorities, minimal bureaucracy, and measurable risk reduction.
  • Audit‑ and customer‑ready security posture (evidence organized, controls operating, owners assigned).
  • Cross‑functional security ownership: security responsibilities embedded across IT, Engineering, and business teams rather than centralized in a large security staff.
  • Reliable incident response, monitoring, and reporting pathways that work with limited tools and people.
  • Sustained compliance with NSA obligations and related security plans with predictable cadence and governance.
Key Responsibilities
  • Security Leadership and Governance: establish and maintain the company’s security strategy, annual roadmap, and control framework aligned to business priorities and resource constraints; lead a lightweight security governance cadence, define standards, patterns, and guardrails; own security policies, exceptions, and compensating controls.
  • Risk Management: maintain an enterprise risk register; provide security architecture direction for cloud, endpoints, identity, networks, and corporate applications; partner with R&D to implement scalable controls.
  • Cross‑Functional Partnership: collaborate with Engineering/R&D on secure development practices; partner with QA/Quality and Legal on certifications, findings, and contractual obligations; influence leaders to embed security responsibilities into roles and objectives; align strategy with parent and sister company security teams.
  • Compliance, Audit Readiness & Evidence Management: lead planning for internal, customer, third‑party, parent‑company, and government‑related audits; support ISO 27001 and other applicable certifications; maintain an evidence program with procedures, test results, access reviews, training completion, incident records, and corrective actions.
  • National Security Agreement (NSA) & Federal/Controlled Data Responsibilities: define sustainable security controls required by the NSA; protect classified, controlled unclassified information (CUI), export‑controlled, and NSA‑governed data; maintain alignment with NIST, ISO, GDPR, and related frameworks; support FOCI mitigation requirements.
  • Incident Response, Monitoring & Business Continuity: own and run incident response planning and execution; coordinate NSA/customer notifications; ensure pragmatic monitoring and logging coverage; partner with business functions on continuity and disaster recovery planning.
  • Third‑Party/Vendor Security: build a right‑sized vendor risk management program; assess risk, review contracts, and track remediation; ensure critical vendors meet baseline security requirements.
  • Security Awareness & Training: deliver role‑based security training; build a…