Head of Security & Compliance

AerospikeMountain View, CA
Hybrid

About The Position

Aerospike is seeking a Head of Security & Compliance to mature and scale its existing security and compliance programs. This role is responsible for corporate security, product and application security, and compliance. The ideal candidate will build the internal program the business runs on, protect the company's systems and customer data, and serve as a technical authority for the board and customers. This is a ground-floor role with direct visibility to the executive team and board, offering opportunities for growth.

Requirements

  • 10-12 years in security roles, with deep, hands-on experience in corporate and product security.
  • 3-5 years managing a team.
  • Strategic thinker who is still comfortable doing the work directly given the team's current size.
  • Deep understanding of cloud security architecture and tooling, and familiarity with emerging AI-specific security risk.
  • Working fluency in compliance frameworks, particularly SOC 2 Type II, sufficient to hire, direct, and evaluate a compliance-focused direct report.
  • Experience presenting security posture and risk to a board or executive audience.
  • Track record of partnering with engineering and GTM teams as an enabler.

Nice To Haves

  • Experience at a B2B infrastructure or database company preferred, given the technical sophistication of our prospects and customers.

Responsibilities

  • Own endpoint, identity, and network security across a ~300-person, largely remote and hybrid organization.
  • Manage core security tooling, including SIEM, EDR, and identity and access management, and vendor relationships.
  • Run employee security awareness training and phishing simulation programs.
  • Identify and assess security risks within the organization in real time and implement security measures to mitigate risks.
  • Own incident response planning and execution for corporate systems, including business continuity and disaster recovery.
  • Define security policies, standards, and procedures aligned with business objectives and industry best practices.
  • Partner with engineering to ensure security is a natural part of the development process.
  • Own the secure development lifecycle for Aerospike's database and cloud products.
  • Manage third-party penetration testing and the vulnerability disclosure program.
  • Own vulnerability management and patching SLAs across the product line, including emerging risks specific to AI infrastructure workloads.
  • Own SOC 2 Type II and lead the path toward ISO 27001.
  • Respond to customer security questionnaires and support technical due diligence during enterprise procurement.
  • Conduct regular security assessments and internal/external audits to ensure compliance and effectiveness.
  • Own customer-facing incident communication and disclosure when a security event triggers contractual notification obligations.
  • Maintain the security portion of vendor risk assessments and data processing agreements.
  • Serve as the primary point of contact for customer security teams during the sales cycle.
  • Manage a team of security and compliance professionals, with a hiring plan tied to company growth.
  • Own a security risk register and risk appetite framework, and report posture, incident trends, and compliance status against it to executive leadership and the board.
  • Serve as the primary technical voice on security for executive leadership and customers during procurement.
  • Own the security budget and prioritize spend against risk.

Benefits

  • Health insurance
  • Dental insurance
  • Vision insurance
  • Life insurance
  • 401k
  • Paid holidays
  • Flexible scheduling
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service