Role Overview
Panthalassa is hiring a Director of Information Security. This is a full-time role in Portland. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
About the Company
We are a renewable energy and ocean technology company committed to rapidly developing and deploying technologies that will ensure a sustainable future for Earth by unlocking the vast energy potential of its oceans. Our focus is on capturing civilizational levels of ultra-low-cost renewable energy for applications including computing and affordable renewable fuels delivered to shore.
The company is a public benefit corporation headquartered in Portland, Oregon, and backed by leading venture capitalists, philanthropic investors, university endowments, and private investment offices. We operate as an idea meritocracy in which the best ideas change the company’s direction on a regular basis.
About the Job
Panthalassa is moving from prototype systems toward repeatable production, larger facilities, more connected enterprise systems, and increasingly mission-critical software, infrastructure, and operational data flows. We’re hiring a Director of Information Security to scale and mature the security foundations that will allow the company to scale quickly without losing control.
This is a hands-on, high-leverage builder role. You will own the technical direction of Panthalassa’s information security program across corporate infrastructure, cloud environments, engineering systems, identity and access management, enterprise applications, and security operations. Your job is not to create bureaucracy. Your job is to build practical guardrails, resilient architectures, and clear operating mechanisms that make the company more secure while helping engineering, manufacturing, and business teams move faster.
You’ll partner closely with IT, software, test, enterprise systems, manufacturing, and leadership to identify the highest-risk gaps, prioritize what matters, and implement controls that are robust, scalable, and usable in the real world. This role is both an individual contributor and a strategic leadership role, where you will shape the broader security organization, vendor strategy, and long-term roadmap.
Responsibilities
- Own the technical roadmap for information security across Panthalassa’s corporate, cloud, and enterprise systems environments
- Design and implement security architecture for identity, endpoint, network, SaaS, and cloud systems, with a focus on secure-by-default standards
- Scale and mature practical security guardrails into engineering and operational workflows, including source control, CI/CD, infrastructure as code, secrets management, logging, and access reviews
- Partner with IT and infrastructure teams to harden corporate networks, cloud environments, endpoints, and collaboration systems
- Define and implement identity and access management patterns, including SSO, MFA, role-based access controls, privileged access workflows, and lifecycle management
- Lead vulnerability management across internal systems and applications, including scanner tuning, prioritization, remediation guidance, and verification of fixes
- Establish detection and response capabilities appropriate for the company’s scale, including telemetry strategy, alerting, incident playbooks, and forensic readiness
- Secure enterprise systems and the digital thread that support engineering release, manufacturing, supply chain, and operations
- Perform security architecture reviews for new tools, vendors, infrastructure changes, and internal systems
- Build lightweight, durable security policies and standards that are aligned with how the company actually works
- Partner with legal, finance, IT, and business operations on audit readiness, third-party risk, and customer or partner security requirements
- Drive remediation of high-priority risks through direct implementation, automation, and close partnership with system owners
- Create clear documentation, runbooks, and training that raise the security baseline across the company
- Serve as a senior technical advisor during security incidents and significant operational events
Required Qualifications
- 8+ years of experience in security engineering, infrastructure security, platform security, or a closely related domain
- Strong hands-on experience securing cloud and enterprise environments, including identity, networking, endpoints, SaaS, and logging/monitoring systems
- Experience building and operating security controls in modern engineering environments, including CI/CD pipelines, source control platforms, infrastructure as code, and developer tooling
- Deep knowledge of identity and access management, including SSO, MFA, RBAC, provisioning/deprovisioning, and privileged access design
- Proven experience leading vulnerability management and remediation programs in a fast-moving engineering environment
- Experience designing security architectures and making high-quality tradeoff decisions in complex, ambiguous settings
- Ability to move fluidly between strategic planning and hands-on execution
- Clear written and verbal communication skills, with the ability to work effectively across technical and non-technical teams
- Good judgment, high ownership, and a practical mindset about applying security where it matters most
Desired Qualifications
- Experience as a founding or early security hire at a scaling startup
- Experience securing environments that support hardware engineering, manufacturing, lab operations, or industrial/OT-adjacent systems
- Familiarity with security requirements relevant to enterprise infrastructure, including SOC 2 and ISO 27001 control environments
- Experience with zero trust architecture, device trust, and modern endpoint management
- Experience with cloud security tooling, SIEM/log pipelines, EDR, MDM, and infrastructure policy enforcement
- Familiarity with secure software supply chain controls, including artifact integrity, dependency management, and secrets detection
- Experience evaluating and securing enterprise systems such as PLM, ERP, MRP, MES, QMS, and related integrations
- Experience with incident response, threat modeling, tabletop exercises, and security reviews for critical vendors
- Experience working in highly regulated, high-consequence, or mission-critical industries such as aerospace, defense, energy, robotics, or advanced manufacturing
The above qualifications are desired, not required. We encourage you to apply if you are a strong candidate with only some of the desired skills and experience listed.
Additional Requirements
- This role requires regular on-site presence in Portland, Oregon
- You should be comfortable working across office, lab, and industrial environments and partnering directly with teams doing hands-on technical work
- Occasional travel to vendors, partner sites, test sites, or future facilities may be required
- Intermittently able to work longer hours when supporting critical incidents, infrastructure changes, or time-sensitive operational needs
Compensation and Benefits
If hired for this full-time role, you will receive:
- Cash compensation of $200,000 - $275,000
- Equity in the company. We’re all owners and if we’re successful, this equity should be far and away the most valuable component of your compensation.
- A benefits package that helps you take care of yourself and your family, including:
- Flexible paid time off
- Health insurance (the company pays 100% of gold level PPO plan for full time employees, their partners, and dependents)
- Dental insurance (the company pays 100% for full time employees and 100% for their partners and dependents)
- Vision insurance (the company pays 100% for full time employees, their partners, and dependents)
- Disability insurance (the company pays 100% for a policy to provide long term financial support if you become disabled)
- Ability to contribute to tax-advantaged accounts, including 401(k), health FSA, and dependent care FSA
- Relocation assistance to facilitate your move to Portland (if needed).
Location
This is an on-site position with expectation of regular presence in our Portland facilities (4+ days/week). Our offices, lab, and shop are located in Portland, Oregon. This position may require occasional domestic and international travel for new office or facility buildouts.
About Panthalassa
Panthalassa
34 other open roles at Panthalassa on TryApplyNow.
Frequently Asked Questions
How do I apply for the Director of Information Security position at Panthalassa?
Use the Apply button above to submit your application directly to Panthalassa. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Where is the Director of Information Security position at Panthalassa located?
This position is based in Portland. Panthalassa has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.
What does a Director of Information Security at Panthalassa earn?
Panthalassa has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Director of Information Security role at Panthalassa posted?
This role was posted on May 4, 2026 (66 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
More Jobs at Panthalassa
View all →Senior Compute Infrastructure Engineer
Panthalassa
Senior Technical Recruiter, Manufacturing
Panthalassa
Senior Technical Program Manager
Panthalassa
Senior Software Integration Engineer
Panthalassa
Senior Software Engineer, Core Systems
Panthalassa
AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start