Skip to content
ProtegeProtegeUnited States

Head of Security

Leads end-to-end security strategy, architecture, operations, and culture for AI training data platform. Builds compliance programs (SOC 2, HIPAA), secures data pipelines, conducts technical reviews, and fosters security-aware culture. Requires 8+ years security experience with 2+ in leadership.

Salary not listed
Remote8+ YOESecurity Engineering

About the role

What You’ll Do

Mature the Security & Compliance Program

  • Audit and improve the existing security program by identifying gaps, prioritizing improvements, and bringing more structure to what exists.
  • Formalize security policies and frameworks appropriate for our stage
  • Own and evolve our compliance posture. We have SOC 2 Type II in place and you'll maintain it, improve our controls, and provide automation wherever needed
  • Ensure compliance with HIPAA and other healthcare data regulations, and build a robust PHI protection program

Protect the Data Pipeline

  • Secure the end-to-end lifecycle of training data which includes ingestion, processing, storage, preparation, and delivery
  • Partner with engineering to embed security into CI/CD pipelines, cloud infrastructure, and data workflows

Be Technical and Hands-On

  • Conduct threat modeling, architecture reviews, and code-level security assessments
  • Lead incident response when things go wrong
  • Evaluate and deploy security tooling

Enable the Business

  • Translate security risks into business language for the executive team and board
  • Serve as the security face to customers, fielding security questionnaires, supporting sales cycles, and building trust with AI company partners and customers
  • Build a security-aware culture across the company through training and lightweight processes that don't slow teams down

Scale the Function

  • Decide what to build, what to buy, and what to outsource
  • Set the roadmap for how security evolves from Series A through a rapid growth stage

What You Bring

Must Haves

  • 8+ years in security roles, with at least 2 years in a leadership capacity
  • Deep technical foundation: you've worked as or alongside engineers and can credibly review architecture, infrastructure, and code
  • Experience building or significantly maturing a security program at an early-stage or high-growth company (not just maintaining one at a large enterprise)
  • Strong understanding of cloud security (AWS, GCP, or Azure), identity/access management, and data protection at scale
  • Hands-on experience with compliance frameworks (SOC 2, ISO 27001). You’ve maintained certifications and know how to expand scope without over-engineering the problem
  • Hands-on experience with HIPAA compliance
  • Comfort operating as an individual contributor and a leader simultaneously

Nice to Haves

  • Experience securing data pipelines or working with data-intensive platforms
  • Experience working in a data infrastructure company
  • Background in AI/ML or companies selling to technical buyers
  • Experience with data provenance, lineage tracking, or data governance in ML contexts
  • Familiarity with supply chain security
  • Prior experience as a customer-facing security leader

Skills

SOC 2ISO 27001HIPAAAWSGCPAzureCI/CDThreat ModelingIncident ResponseIdentity/Access ManagementData ProtectionCloud SecurityData PipelinesSupply Chain Security
GameChanger

Director, Information Security & Technology

GameChangerNew York, NY

Lead GameChanger's Information Security and IT Operations as Director. Own multi-year security strategy, lead multidisciplinary teams across product security, cloud/AI security, SecOps, GRC, and internal tech support. Partner with executive leadership and parent company DSG while building security culture. Requires 10+ years security experience including people management.

220k – 240k/yr
Remote10+ YOESecurity Engineering
Casca

Head of Security & Compliance

CascaSan Francisco, CA

Lead security and compliance for an AI-native banking startup. Build security tooling, manage a team of appsec engineers, own compliance (SOC 2, ISO 27001), and secure AI agent workflows.

200k – 255k/yr
On-site5+ YOESecurity Engineering
Harvey

Head of Security Engineering

HarveySan Francisco, CA +1

Lead and scale the security engineering organization, owning IAM strategy, security tooling, and foundational security platforms that enable rapid, secure product development.

285k – 350k/yr
Hybrid10+ YOESecurity Engineering
Fable Security

Head of IT & Information Security

Fable SecurityUnited States

Lead security, compliance, and IT functions including SOC 2, ISO 27001, privacy, risk management, and external industry presence. Requires 7+ years in security/compliance/IT with direct experience leading compliance programs.

160k – 225k/yr
Remote7+ YOESecurity Engineering
DuckDuckGo

Privacy Engineering Director

DuckDuckGoUnited States

Lead privacy engineering initiatives across private browsing, search, and agentic products. Own complex privacy projects from definition to delivery, evolve review processes, and grow privacy engineering talent.

244k – 244k/yr
Remote10+ YOESecurity Engineering