Chief Information Security Officer (CISO)

San Francisco, CA - USA

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

About Lumafield:

Lumafield was founded in 2019 to upgrade manufacturing.

We are engineers with deep experience across the product development cycle from initial ideas to shipping hardware across industries and specializations who became frustrated by the cost and complexity of modern manufacturing. So we decided to upgrade it.

Engineers make million-dollar decisions every day and they need tools that give them the greatest possible insight into their products. By offering unprecedented visibility into products as well as AI-driven tools that highlight problems and generate quantitative data Lumafield promises to revolutionize the way complex products are created manufactured and used across industries. We started with industrial CT scanning which for us was the most valuable but underutilized tool in the manufacturing toolbox enabling us to rapidly inspect essential components non-destructively.

We rebuilt the whole system from X-ray capture to computer vision analysis to web-based collaboration to the entire business model making the most advanced manufacturing tech more accessible to every industry. Our company like our platform is designed for upgrades. Were building for greater intelligence autonomy and speed. For deeper vision operational excellence and powerful insights. And then well upgrade it all again.

Lumafield is headquartered in Cambridge MA and has an office in San Francisco CA.

About the role:

As CISO you will own Lumafields security function end-to-endfrom cloud infrastructure and product security to customer data protection and regulatory compliance. This is a rare opportunity to define security culture and architecture at a high-growth company whose customers share some of the most sensitive intellectual property in the world: proprietary product designs internal manufacturing processes and competitive R&D data.

You will report directly to the CEO and partner closely with Engineering Product Operations and Sales to make sure security enables the business rather than slows it down.

What youll do:

Define and execute Lumafields multi-year information security strategy aligning it with business objectives and customer trust requirements
Own security architecture for Voyager our cloud-based CT analysis platform including data storage access controls API security and multi-tenant isolation
Embed security into the SDLC by partnering with Engineering and DevOps on threat modeling secure code review vulnerability management and penetration testing
Extend security best practices to Lumafields hardware products and firmware including the Neptune and Triton scanner families
Lead and maintain compliance certifications (SOC 2 Type II ISO 27001) and oversee ongoing adherence to ITAR/EAR requirements across our export-controlled facility and customer engagements
Be an integral part of our enterprise sales process handle security questionnaires support complex sales cycles and build trust with InfoSec teams at major manufacturers
Build and continuously test Lumafields incident response plan; own the enterprise risk register and manage third-party vendor risk
Champion a security-first culture through training clear policies and acting as a pragmatic advisor to business stakeholders

About you:

10 years of progressive experience in information security with at least 3 years in a senior leadership role (CISO VP of Security or equivalent)
Demonstrated success building or significantly maturing a security program at a high-growth technology company
Deep expertise in cloud security particularly AWS including IAM network security data encryption and cloud-native security tooling
Strong working knowledge of compliance frameworks: SOC 2 ISO 27001 CMMC FEDRAMP and ITAR/EAR
Track record of leading incident response for significant security events
Excellent communicator able to translate complex security risk into clear business terms for the leadership team customers and cross-functional partners
Experience managing security in enterprise sales cycles including responding to customer security questionnaires and participating in procurement reviews

Bonus points:

Background in industrial technology hardware/IoT security or manufacturing sectors
Experience with medical device aerospace or defense industry compliance requirements
Prior experience as a first or early CISO comfortable operating with both strategic vision and hands-on execution
Relevant certifications: CISSP CISM CCSP or equivalent

$180000 - $220000 a year

Lumafield offers both competitive cash and equity compensation as well as a health & wellness stipend 401k parental leave flexible PTO commuter benefits company wide events and more!

Lumafield is committed to building a team that represents a variety of backgrounds perspectives and skills because the more inclusive we are the better our work will be. Do you feel like your skills dont meet every single requirement listed We encourage you to apply anyway If youre excited about our technology the opportunity and are eager to learn more wed love to hear from you!

In keeping with our beliefs and goals no employee or applicant will face discrimination or harassment based on: race color ancestry national origin religion age gender marital domestic partner status sexual orientation gender identity disability genetic information or veteran status.

Reach out if you want to be a part of what we are building.

We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.

Required Experience:

Chief

About Lumafield:Lumafield was founded in 2019 to upgrade manufacturing. We are engineers with deep experience across the product development cycle from initial ideas to shipping hardware across industries and specializations who became frustrated by the cost and complexity of modern manufacturing. S...