Head of Security & Compliance

AerospikeMountain View, CA
$300,000 - $350,000Hybrid

About The Position

Aerospike is seeking a Head of Security & Compliance to mature and scale its existing corporate security, product and application security, and compliance programs. This role is responsible for building the internal program the business runs on, protecting the company's systems and its customers' data, and serving as the technical authority for the board and customers. This is a ground-floor opportunity with direct visibility to the executive team and board, offering room for growth as the function and company expand.

Requirements

  • 10-12 years in security roles, with deep, hands-on experience in corporate and product security, including 3-5 years managing a team; a strategic thinker who is still comfortable doing the work directly given the team's current size.
  • Deep understanding of cloud security architecture and tooling, and familiarity with emerging AI-specific security risk.
  • Working fluency in compliance frameworks, particularly SOC 2 Type II, sufficient to hire, direct, and evaluate a compliance-focused direct report.
  • Experience presenting security posture and risk to a board or executive audience.
  • Track record of partnering with engineering and GTM teams as an enabler.

Nice To Haves

  • Experience at a B2B infrastructure or database company preferred, given the technical sophistication of our prospects and customers.

Responsibilities

  • Own endpoint, identity, and network security across a ~300-person, largely remote and hybrid organization.
  • Manage core security tooling, including SIEM, EDR, and identity and access management, and the vendor relationships behind them.
  • Run employee security awareness training and phishing simulation programs.
  • Identify and assess security risks within the organization in real time and implement security measures to mitigate risks.
  • Own incident response planning and execution for corporate systems, including business continuity and disaster recovery.
  • Define security policies, standards, and procedures aligned with business objectives and industry best practices.
  • Partner with engineering in a way that keeps security a natural part of how engineering ships rather than a separate gate.
  • Own the secure development lifecycle for Aerospike's database and cloud products.
  • Manage third-party penetration testing and the vulnerability disclosure program.
  • Own vulnerability management and patching SLAs across the product line, including emerging risks specific to AI infrastructure workloads.
  • Own SOC 2 Type II and lead the path toward ISO 27001 as the sales pipeline requires it, hiring and managing a compliance lead to run the program day to day.
  • Respond to customer security questionnaires and support technical due diligence during enterprise procurement.
  • Conduct regular security assessments and internal/external audits to ensure compliance and effectiveness.
  • Own customer-facing incident communication and disclosure when a security event triggers contractual notification obligations.
  • Maintain the security portion of vendor risk assessments and data processing agreements.
  • Serve as the primary point of contact for customer security teams during the sales cycle.
  • Manage a team of security and compliance professionals, with a hiring plan tied to company growth.
  • Own a security risk register and risk appetite framework, and report posture, incident trends, and compliance status against it to executive leadership and the board.
  • Serve as the primary technical voice on security for executive leadership and customers during procurement, translating risk into terms both audiences can act on.
  • Own the security budget and prioritize spend against risk.

Benefits

  • Salary Range for California Based Applicants: [$300,000 - $350,000 ]
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service