Manager, Information Security
Job in Minneapolis, Hennepin County, Minnesota, 55431, USA
Listed on 2026-06-12
Listing for: Onto Innovation
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, IT Project Manager, IT Support
Job Description & How to Apply Below
Onto Innovation strives to optimize customers' critical path of progress by making them smarter, faster and more efficient.
Job Summary & Responsibilities
The Manager of Information Technology is responsible for IT governance, risk, compliance, and operational readiness across Onto Innovation's global environment. Reporting to the Senior Director of IT and Security, this role leads regulatory compliance initiatives, cybersecurity posture management, incident response readiness, business continuity and disaster recovery programs, vulnerability management, vendor and partner risk management, and contributes to Onto's multi-year IT and security strategy.
Key Responsibilities
Compliance & Governance
* Lead IT compliance programs aligned to ISO/IEC 27001, CMMC Level 2, SEMI E187, and SOX IT controls.
* Translate regulatory requirements into actionable policies, standards, procedures, and audit evidence.
* Drive audit readiness, internal assessments, remediation activities, and continuous compliance improvement.
* Partner with Legal, HR, Compliance, Finance, Facilities, Operations, Service, and Engineering teams on enterprise risk initiatives.
Cybersecurity Posture & Vulnerability Management
* Own and mature cybersecurity posture management practices across infrastructure, endpoints, and cloud services.
* Oversee vulnerability management programs, including risk-based prioritization, remediation tracking, and executive reporting.
* Partner with Infrastructure, Security Operations, and Engineering teams to reduce attack surface and improve resilience.
* Drive our IT Security program forward with a defense-in-depth and continuous-improvement mindset.
* Continuously assess and validate the effectiveness of security controls and drive improvements based on threat intelligence and risk trends.
Incident Response & Readiness
* Own incident response planning and execution for IT and cybersecurity incidents.
* Design and lead tabletop exercises, purple team drills, and post-incident reviews.
* Maintain incident response playbooks, escalation paths, and executive communications.
* Drive continuous improvement through lessons learned and after-action reviews.
Business Continuity & Disaster Recovery
* Own and mature Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).
* Define and validate RTO/RPO objectives across hybrid on-prem and cloud environments.
* Lead and coordinate DR testing, recovery exercises, and continuous improvement efforts.
Vendor, Partner & Supply-Chain Risk Management
* Lead vendor, partner, and supply-chain IT and cybersecurity risk management programs.
* Define security requirements for vendors, contract manufacturers, and extended factory partners.
* Oversee onboarding assessments, remediation tracking, and ongoing risk reviews.
* Support vendor audits, security reviews, and contractual security obligations in partnership with Procurement and Legal.
Strategic Planning & Continuous Improvement
* Contribute to the development and execution of Onto's 3-year IT and Security strategic roadmap.
* Apply a continuous improvement mindset to compliance, security posture, incident readiness, and resilience programs.
* Identify capability gaps, emerging risks, and investment priorities across people, process, and technology.
* Support annual planning, budgeting, and executive reporting tied to multi-year strategy.
Agile, Global IT Leadership
* Operate within an Agile, globally distributed IT organization.
* Develop metrics, dashboards, and executive reporting for compliance, cybersecurity posture, and operational readiness.
* Influence cross-functional teams through collaboration, leadership, and subject-matter expertise.
Qualifications
* 5+ years of progressive experience in IT leadership, cybersecurity, or enterprise risk management.
* Demonstrated leadership of ISO 27001, CMMC Level 2, and SOX IT control programs.
* Experience contributing to multi-year (3+ year) IT or security strategic planning and roadmaps.
* Hands-on experience with cybersecurity posture management and vulnerability management programs.
* Strong understanding of incident response, BCP/DRP, and operational resilience in hybrid IT environments.
* Experience managing vendors, partners, and supply-chain IT/security risk.
* Strong executive communication, stakeholder management, and continuous improvement mindset.
Preferred Qualifications
* Experience with SEMI E187/E188 or manufacturing-focused frameworks.
*…