Description

About the Role:

Ampere is seeking a Senior Director of Information Security to lead our information security function. This leader will be responsible for defining and executing Ampere's security strategy, bridging IT and InfoSec, maturing the security operating model, and protecting Ampere's most critical assets.

You will step into an environment committed to information security, and that is continuously improving our tools, processes and approach. This is a strategic role with visibility to the executive team and to all parts of our business. A core part of the role will be to standardize security strategy and architecture, improve governance, evaluate tooling, strengthen operational processes, and lead external security partnerships as required.

This role requires a pragmatic security executive who can balance business priorities, engineering productivity, infrastructure resilience, and risk reduction. You will partner closely with IT, Engineering, Lega and Compliance, HR, Finance, business and engineering leadership, and external partners. This role will advise product and engineering teams on security best practices as needed.

Ampere's Information Security team has responsibility to modernize infrastructure, consolidate tooling, strengthen governance, and build a resilient 24/7 security operations model to protect the enterprise and our primary data centers.

What You'll Achieve:

Strategic Governance & Security Architecture

• Develop and execute Ampere's enterprise information security strategy and roadmap.
• Maintain robust reporting for security initiatives using meaningful security metrics, risk indicators, maturity measures, and remediation tracking.
• Balance strategic goals of the company with key security initiatives , ensuring security enables the business while reducing material risk.
• Review, update, and enforce enterprise security policies and standards across endpoints, network, cloud, SaaS, and on-prem environments .
• Standardize Ampere's security architecture and operating model across all environments used in the business.
• Represent the security function to company leadership, auditors, customers, and external partners as needed.

Security Operations & Vendor Management

• Lead Ampere's security operations strategy, including monitoring, detection, escalation, response, and continuous improvement.
• Lead the strategic relationship with external vendors , including ongoing performance management, and service improvements.
• Serve as the primary leader and escalation point for critical cybersecurity incidents .
• Mature all aspects of the infosec system, including policies, tools and operating model.
• Standardize data collection, monitoring, and alerting across endpoints, servers, identity systems, networks, cloud platforms, SaaS applications, and data centers.
• Ensure security tooling is in place to support the continuous challenges of security in operations.
• Advise and utilize critical data and AI capabilities to aid in operations as required.

Cross-Functional Leadership & IT Alignment

• Bridge the gap between Security and IT Operations through shared processes, metrics, ownership, and operating rhythms.
• Develop and manage infosec workflows across infrastructure, endpoints, cloud, and critical applications.
• Ensure operational audits are tied to actionable plans for improvement .
• Partner with IT, Infrastructure, Engineering, and business teams to improve security while supporting business goals.
• Foster a culture of shared responsibility and collaborative risk management across the company.

Product, Infrastructure & IP Protection

• Develop and implement a security roadmap to protect Ampere's core semiconductor assets and IP.
• Support, interpret and develop policies and audit practices across all IT and related efforts.
• Advise product, firmware, platform, and engineering teams on security best practices where needed.
• Support compliance, customer assurance, and third-party security activities related to critical vendors, EDA partners, cloud providers, foundry ecosystem partners, and managed security providers.
• Develop and evolve critical AI security metrics, policies and reporting.

About You:

• Bachelor's degree in Computer Science, Information Security, or a related technical field with 15+ years progressive experience in information security, cybersecurity, security operations, security architecture, infrastructure security, or risk management; or Master's degree in a related technical field with 12+ years progressive experience in information security, cybersecurity, security operations, security architecture, infrastructure security, or risk management.
• 5+ years in a senior leadership role managing InfoSec, SecOps, architecture, engineering, or governance teams, and proven record of driving results through a team while growing and scaling individual capability.
• Experienced in using modern technologies and improving infrastructure to keep pace in a fast-paced, complex and shifting technology environment.
• Experience rolling out unified security platforms or operating models.
• Strong experience selecting, onboarding, and managing external partners.
• Strong understanding of modern security capabilities, including EDR/XDR, identity security, cloud security, modern network security, and incident response.
• Familiarity with cybersecurity frameworks such as NIST CSF, ISO 27001, SOC 2, CIS Controls, NIST 800-53
• Experience building governance models, cross-functional review boards, executive reporting, and risk-based prioritization processes.
• Strong executive communication skills, including the ability to translate complex technical risks into clear business decisions for senior leadership and the Board.
• Role model in collaborative problem solving, stakeholder management and gaining buy-in and partnership from partner organizations.
• Experience in semiconductor, hardware design, cloud infrastructure, AI infrastructure, critical technology, or other high-IP environments is strongly preferred.

Certifications We Value

Required / Strongly Preferred:

• CISSP
• CISM
• CISA
• CCSP
• GIAC security certifications

Nice to Have:

• ISO 27001 Lead Implementer or Lead Auditor
• CRISC
• CDPSE
• Cloud security certifications from AWS, Azure, or Google Cloud
• ITIL or related operational certifications

Security Skills We Value

Required / Strongly Preferred:

• Information security leadership
• Security governance and architecture
• Security operations and incident response
• MDR/MSSP vendor management
• Tooling consolidation and platform rationalization
• Vulnerability and exposure management
• Endpoint security / EDR / XDR
• Identity, ZTNA, SSO, MFA, PAM, and access governance
• Network, cloud, SaaS, and on-prem security
• Executive reporting and security metrics
• NIST CSF, ISO 27001, SOC 2, CIS Controls, and MITRE ATT&CK
• Semiconductor, EDA, hardware design, or high-IP engineering environment security experience

Nice to Have:

• Data classification, DLP, insider-risk, and IP protection experience
• Third-party risk management experience
• Customer security assurance and audit support experience
• Experience supporting global teams and hybrid on-prem/cloud environments

Equivalent practical experience will also be considered.

What We'll Offer:

At Ampere we believe in taking care of our employees and providing a competitive total rewards package that includes base pay, cash long-term incentive, and comprehensive benefits. The full base pay range for this role is between $347,000 and $520,000, except in the San Francisco Bay Area where the range is between $362,000 and $543,000.

Our benefits include health, wellness, and financial programs that support employees through every stage of life.

Benefit highlights include:

• Premium medical insurance, dental insurance, vision insurance, as well as income protection and a 401K retirement plan, so that you can feel secure in your health and financial future.
• Unlimited Flextime and 10+ paid holidays so that you can embrace a healthy work-life balance.
• A variety of healthy snacks, energizing espresso, and refreshing drinks to keep you fueled and focused throughout the day.

And there is much more than compensation and benefits. At Ampere, we foster an inclusive culture that empowers our employees to do more and grow more. We are excited to share more about our career opportunities with you through the interview process.

#LI-Hybrid