Chief Information Security Officer (CISO)

QualityAI•Santa Clara, CA

18d•$210,000 - $220,000•Onsite

About The Position

Qualitest is seeking a Chief Information Security Officer (CISO) to join their growing team. The CISO will be responsible for establishing, implementing, and maintaining the organization’s information security strategy. This role ensures the protection of company data, systems, and infrastructure against cyber threats while aligning security initiatives with business objectives. The CISO will directly own enterprise IT security, internal security operations, and overall cyber risk posture for the organization.

Requirements

Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
15+ years of experience in information security, with 5+ years in leadership roles
Strong knowledge of cybersecurity frameworks and standards
Experience in risk management, compliance, and incident response

Nice To Haves

CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CISA, CEH, or equivalent.

Responsibilities

Develop and execute a comprehensive enterprise cybersecurity strategy
Align security initiatives with business goals and risk appetite
Advise executive leadership on security risks and mitigation plans
Extend the enterprise security strategy to include AI / Generative AI risk management, covering emerging areas like LLMs, agentic frameworks and intelligent automation systems
Incorporate evolving guidance from frameworks such as the NIST AI Risk Management Framework
Own and provide executive leadership for threat detection, incident response, and vulnerability management delivered through internal IT teams.
Conduct regular risk assessments and penetration testing
Establish disaster recovery and business continuity plans
Ensure compliance with industry standards and regulations (ISO 27001, NIST, GDPR, etc.)
Develop and enforce security policies, procedures, and controls
Lead internal and external security audits and remediation tracking
Oversee security architecture including IAM, SIEM, endpoint protection, and cloud security
Evaluate and implement security tools and technologies
Monitor emerging threats and adapt enterprise defenses accordingly
Promote a culture of security awareness across the organization
Conduct employee training and awareness programs
Collaborate with IT, legal, compliance, and business units to embed security across enterprise operations.
Act as the primary point of contact for security incidents
Report security posture to senior leadership
Lead enterprise security strategy for internal AI / Generative AI usage, including LLMs, AI-assisted tools, and automation platforms used across business functions, ensuring governance and risk oversight
Define and enforce AI governance policies for internal adoption, covering data usage, access control, model consumption, and third-party AI platforms
Align AI security posture with enterprise risk frameworks and regulatory standards (NIST AI RMF, ISO, GDPR, EU AI Act, etc.)
Establish and operationalize security guardrails for AI consumption, including prompt safety, input/output controls, access management, and secure integrations across enterprise systems
Monitor and mitigate AI-specific risks within enterprise usage, including prompt injection, data leakage, model misuse, bias exposure, and compliance violations
Lead security responses for RFPs, RFIs, and client due diligence processes.
Provide authoritative responses on AI security, data protection, and model risk
Support large deals through direct client interactions, security briefings, and trust discussions with client stakeholders
Advise clients on AI security, governance, and risk management best practices
Support client AI risk assessments and security evaluations
Develop reusable security artifacts (policies, whitepapers, AI risk frameworks) to support sales enablement and client assurance