Cybersecurity Governance Program Manager

Kla-Tencor Milpitas , CA 95035

Posted 3 months ago

Company Overview

Calling the adventurers ready to join a company that's pushing the limits of nanotechnology to keep the digital revolution rolling. At KLA, we're making technology advancements that are biggerand tinierthan the world has ever seen.

Who are we? We research, develop, and manufacture the world's most advanced inspection and measurement equipment for the semiconductor and nanoelectronics industries. We enable the digital age by pushing the boundaries of technology, creating tools capable of finding defects smaller than a wavelength of visible light. We create smarter processes so that technology leaders can manufacture high-performance chipsthe kind in that phone in your pocket, the tablet on your desk and nearly every electronic device you ownfaster and better. We're passionate about creating solutions that drive progress and help people do what wouldn't be possible without us. The future is calling. Will you answer?


The Cybersecurity group at KLA is involved in every aspect of the global business. The KLA Cybersecurity group defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of KLA. We are passionate about identifying adversarial activities and anticipating a wide variety of threats to strengthen our defenses and the overall protection of KLA Intellectual Property.


In this position, you will be responsible for driving global cybersecurity policy, standard operating procedures, management of cyber risk, increasing KLA's security posture, and implementing security practices for the company.

Key responsibilities will include assessing the nature of KLA's cybersecurity needs, and maintaining an enterprise-wide cybersecurity program. This position will expertly guide and provide answers and solutions to questions related to cybersecurity and cyber risk. It is expected that this position will provide expertise, influence, and consultation within and outside the KLA Cybersecurity Organization.

This position is responsible for identifying, evaluating and reporting on information security risks on a global scale; ensuring the protection of KLA assets and data. This job will ensure KLA's cybersecurity landscape is effective, efficient, well designed and operating in a stable manner across the globe with the ability to meet evolving business risk profiles.

This individual must build and maintain strong relationships across the enterprise to implement appropriate controls to protect data, products and operations and will lead annual and cyclical cybersecurity policy and procedures assessments and enhancements.

Responsibilities include but are not limited to:

  • Review the effective operation of established security controls and make recommendations for improvements as appropriate

  • Act as a primary point of contact, respond to requests from internal and external auditors with evidence of the effective operation of relevant Cybersecurity Controls (e.g. NIST, CIS 20, CSA, SOX, etc.)

  • Promote awareness of Cybersecurity policies, tools, methodologies and best practices.

  • Direct the conduct of Cybersecurity risk assessments, and report the results to senior management

  • Manage the development and implementation of global Cybersecurity risk policy, standards, guidelines and procedures to ensure ongoing maintenance of security

  • Apply subject matter expertise and judgment on risk evaluation, risk assessments and risk mitigations for Cybersecurity, IT and Business Unit projects.

  • Responsible for bringing Cybersecurity decisions to closure and building consensus through collaboration within Cyber, IT, Business Unit colleagues and project team members.

  • Ensure that all Cybersecurity risk and control gaps are clearly documented and work with project teams to develop remediation plans to address issues.

  • Ensure IT and KLA business teams adhere to Cybersecurity policies and standards.

  • Serve as a Project Manager for key Cybersecurity initiatives.

  • Perform end to end Cybersecurity assessments on existing, new and purchased applications, systems and networks.

  • Perform due diligence in conjunction with Third Party, Merger and Acquisition activity and other external relationships.


  • Strong understanding of Security Architecture and Design, Information Security Standards and Technical Security Risk Assessment methodologies.

  • Experience with cloud (IaaS, SaaS).

  • Current security certification (e.g. CISSP, CISA, CRISC).

  • Practical experience with designing, implementing and administering cybersecurity risk programs within mid to large-sized organizations.

  • Advanced understanding of the following areas: operating system security, database security, network security, next-generation firewalls, identity and access management systems, anti-malware solutions, automated policy compliance, vulnerability scanning, SSO, Data Leak Prevention, Digital Rights Management, DRM, DLP, vulnerability assessment tools and privileged access management.

  • Experience in accommodating changing security requirements within a high-growth business environment, and advising decision makers on risk management issues.

  • Superb research, analytical, critical thinking, and problem-solving skills.

  • Excellent writing skills.

  • Strong communication and presentation skills.

  • Experience with common frameworks, such as International Standards Organization (ISO) 27001, Control Objectives for Information and Related Technology (CobiT) frameworks, NIST RMF, NIST CSF, CIS 20, OWASP Top 10 and CWE Top 25, DREAD, STRIDE and/or other risk management and threat modeling methods to improve security posture enterprise-wide.

  • Good knowledge of threat modeling methods and techniques to improve security posture enterprise-wide. Ability to provide clear and concise policy, direction and expert knowledge when queried by business on several cybersecurity issues and areas.

Minimum Qualifications

Master's Level Degree with at least 4 years of experience in Cybersecurity OR Bachelor's Level Degree with at least 5 years of experience in Cybersecurity.

Equal Employment Opportunity

KLA is an Equal Opportunity Employer. Applicants will be considered for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristics protected by applicable law.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Benefits Program Manager


Posted 2 weeks ago

VIEW JOBS 11/6/2019 12:00:00 AM 2020-02-04T00:00 FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000. The Role: This role is responsible for managing all aspects of our United States employee benefits & perk programs, including associated communications, projects and events. This role also manages our Leaves of Absence program and vendor. In addition, this role manages the financial tasks of the benefits program globally, which includes requisitions, purchase orders, coordinating with internal groups, external vendors and consultants to make sure invoices and premiums are paid in a timely manner. This role will be asked to manage or participate in global implementations or projects, all with an eye on taking on management of benefit programs in other countries. The role works closely with the insurance companies, vendors and consultants who support the programs globally. We are looking for an individual with extensive benefits and 401k experience in the United States and some experience globally, who is comfortable operating at the transactional level but who can think strategically to help us streamline processes, reduce opportunities for defects, address control gaps, and reduce escalations. The role will also include assisting in planning and design, tracking and analyzing benefit costs, ensuring company compliance with local laws governing benefits, and ensuring that our benefits allow us to attract the kind of world-class talent needed to achieve our business objectives. This role reports to the Director of Global Benefits. Our benefits include health and welfare, income protection, time off and leaves of absence, financial/retirement plans, well-being, and other benefits on a global basis. Responsibilities: * Maintain benefits offering in close partnership with Finance, Legal, and HR. * Work with Finance, Accounts Payable, Accounts Receivable to ensure timely payment of global benefit program premiums and fees. * Ensure compliance of benefits plans and programs globally. In the United States, this includes all federal, state and local laws and regulations, including ERISA, HIPAA, ADA, IRS, DOL, HCR, City of San Francisco, etc. * Ensure government reporting requirements are met, including 5500 filings, SPDs, SMMs, SARs, etc. * Participate in benefit surveys and benchmarking activities. * Manage daily activity with outside consultants and brokers; maintain close working relationships and ensure smooth coordination to quickly identify solutions when outside expertise is needed. * Work closely with vendors; support and coordinate annual health fair and other well-being activities. * Develop and maintain benefits communications throughout the year, and annually for the United States open enrollment. * Manage special projects and provide ad hoc reporting. * Act as point of contact to resolve health and welfare operational problems, health and welfare escalations, claims and appeals. * Maintains benefits information on HR intranet. * Performs other duties as assigned. Requirements: * Bachelor's degree (HR, Business Administration or related area, preferred) * At least 8 years of Benefits experience – combination of United States and Global preferred * Experience within a high-tech organization preferred * Knowledge of Human Resources business processes (compensation, benefits, finance, payroll, etc.) * Computer savvy; proficient with Microsoft Office Suite, Workday, Oracle, SharePoint * CEBS and/or CBP designation desired Additional Qualifications: * Knowledge of international benefits, preferably by way of hands-on experience * Ability to think strategically; arrive at creative solutions, while balancing legal requirements with our culture * Strong interpersonal skills; ability to develop effective relationships and partnerships with HR team and internal/external business partners at all levels of the organization * Excellent written and verbal communication skills * Self-starter with a high level of attention to detail and follow-through * Good project management skills with ability to multi-task and prioritize objectives * Positive team player, cooperative, self-motivated, courteous, and professional attitude * Demonstrated confidence, credibility and good judgment * Must always be able to maintain discretion and confidentiality All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Fireeye Milpitas CA

Cybersecurity Governance Program Manager