Head of Security
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Head of Security overseeing security strategies, compliance, and operations for AI training data platform. Leading security initiatives and building trust with partners in a high-growth environment.
Responsibilities:
- Mature the Security & Compliance Program
- Audit and improve the existing security program by identifying gaps, prioritizing improvements, and bringing more structure to what exists.
- Formalize security policies and frameworks appropriate for our stage
- Own and evolve our compliance posture. We have SOC 2 Type II in place and you'll maintain it, improve our controls, and provide automation wherever needed
- Ensure compliance with HIPAA and other healthcare data regulations, and build a robust PHI protection program
- Protect the Data Pipeline
- Secure the end-to-end lifecycle of training data which includes ingestion, processing, storage, preparation, and delivery
- Partner with engineering to embed security into CI/CD pipelines, cloud infrastructure, and data workflows
- Be Technical and Hands-On
- Conduct threat modeling, architecture reviews, and code-level security assessments
- Lead incident response when things go wrong
- Evaluate and deploy security tooling
- Enable the Business
- Translate security risks into business language for the executive team and board
- Serve as the security face to customers, fielding security questionnaires, supporting sales cycles, and building trust with AI company partners and customers
- Build a security-aware culture across the company through training and lightweight processes that don't slow teams down
- Scale the Function
- Decide what to build, what to buy, and what to outsource
- Set the roadmap for how security evolves from Series A through a rapid growth stage
Requirements:
- 8+ years in security roles, with at least 2 years in a leadership capacity
- Deep technical foundation: you've worked as or alongside engineers and can credibly review architecture, infrastructure, and code
- Experience building or significantly maturing a security program at an early-stage or high-growth company (not just maintaining one at a large enterprise)
- Strong understanding of cloud security (AWS, GCP, or Azure), identity/access management, and data protection at scale
- Hands-on experience with compliance frameworks (SOC 2, ISO 27001). You’ve maintained certifications and know how to expand scope without over-engineering the problem
- Hands-on experience with HIPAA compliance
- Comfort operating as an individual contributor and a leader simultaneously
- Nice to Haves: Experience securing data pipelines or working with data-intensive platforms
- Experience working in a data infrastructure company
- Background in AI/ML or companies selling to technical buyers
- Experience with data provenance, lineage tracking, or data governance in ML contexts
- Familiarity with supply chain security
- Prior experience as a customer-facing security leader
Benefits:
- Health insurance
- Flexible work arrangements
Similar Jobs
Managed Security Services Engineer I
Managed Security Services Engineer at Radian Generation focusing on renewable energy technologies. Collaborating with Managed Security Service Providers to enhance cybersecurity and IT management.
Senior Software, Security Architect – Embedded Cybersecurity Platform
Lead Security Architect for implementing embedded cybersecurity solutions for AURA Technologies. Collaborate with the Chief Architect and build a security-focused engineering team.
Security Engineer
Security Engineer managing privileged access and CyberArk technologies at Prime Therapeutics. Safeguarding systems from unauthorized access and ensuring compliance with security standards.
Security Advisor
Security Advisor consulting on information security and compliance for higher education institutions. Assessing customer environments and providing recommendations for improvement.
Lead Manager, Security Governance, Risk & Compliance
Lead Manager in Security Governance, Risk & Compliance at Make-A-Wish America. Supporting GRC and managing risks to ensure compliance with regulations and standards.
Senior Director – Cyber Security Architecture and Engineering Services
Senior Director of Cybersecurity Architecture at U.S. Financial Technology leading cloud-based security initiatives. Ensuring compliance and enhancing efficiencies in cybersecurity architecture and engineering.
Information Security Engineer
Information Security Engineer responsible for optimizing security platforms at Deel's global remote environment. Leading cybersecurity initiatives and collaborating with teams worldwide.
Workday Security Administrator – Modernization Program
Workday Security Administrator managing security configuration and access controls for WVU. Collaborating across HR, Finance, and IT to ensure system integrity and compliance.
Security Engineer, Offensive Security
Security Engineer focusing on advanced vulnerability management and Pentesting as a service at Thrive. Collaborating with clients and ensuring high security standards while fostering trust in cybersecurity capabilities.
Cyber Security Expert – Senior Director/Analyst
Senior Director Analyst supporting national defense modernization and innovation through cybersecurity expertise. Analyzing global market trends and delivering actionable insights to executive clients.
Software Engineer – Product Security
Product Security Engineer developing and operating enterprise security controls. Collaborating with product teams at Allstate to enhance security practices.
Regional Channel Lead – Security & Identity
Channel Account Manager responsible for architecting partner ecosystems and driving revenue. Joining SecureW2's mission towards passwordless security solutions.
Senior Consultant, Penetration Testing
Senior Consultant in Penetration Testing for independent IT management and cybersecurity consultancy. Engaging in web and infrastructure penetration tests and improving client IT security.
Enterprise Account Executive, Cloud Security
Enterprise Account Executive at Foresite selling Google Cloud Security solutions. Collaborating with Google and security specialists to drive revenue growth in mid-market and enterprise accounts.
Cyber Security Engineer – Contract
Cyber Security Engineer responsible for security technologies and operational initiatives at Sunshine Enterprise. Implementing, integrating, and maintaining security technologies across a large-scale environment.
Cybersecurity Architect
Cybersecurity Architect embedding security into every phase of software development lifecycle for cloud infrastructure at Castille Resources Ltd. Designing and implementing security controls and a zero-trust environment.
Network Security Engineer
Security Engineer supporting enterprise security operations and enhancing overall security monitoring across a centralized environment. Focused on designing, tuning, and maintaining security detection rules.
Principal Consultant – Cyber/Physical Security
Principal Consultant leading Cyber-Physical Security for Bureau Veritas, offering consulting services in industrial sectors. Ensuring technical delivery excellence and guiding client engagements in cyber-physical security practices.
Lead II, Cybersecurity Defense
Cybersecurity Defense professional at Kyndryl focusing on incident response, threat hunting, and vulnerability management. Monitor infrastructure security and protect organizations from cyber threats in a supportive environment.
Director – Infrastructure Security
Director of Infrastructure Security at 1Password securing its cloud-native platform and leading a team of engineers. Responsible for setting security direction and ensuring scalable security across various systems.