Head of Security

Protege

About The Position

We are building Protege to solve the biggest unmet need in AI — getting access to the right training data. The process today is time intensive, incredibly expensive, and often ends in failure. The Protege platform facilitates the secure, efficient, and privacy-centric exchange of AI training data. Solving AI’s data problem is a generational opportunity. We’re backed by world-class investors and already powering partnerships with some of the most ambitious teams in AI. The company that succeeds will be one of the largest in AI — and in tech. We’re a lean, fast-moving, high-trust team of builders who are obsessed with velocity and impact. Our culture is built for people who thrive on ambiguity, own outcomes, and want to shape the future of data and AI. We're hiring our first Head of Security to own security end-to-end: strategy, architecture, operations, and culture. This is a hands-on leadership role and you won't have a large team beneath you (yet), so you need to be comfortable building the program from the ground up while still getting into the technical weeds. You'll report directly to the VP of Engineering and work closely with engineering, product, and legal. This is a high-impact role where you'll shape how we earn and keep the trust of AI companies and our data partners.

Requirements

8+ years in security roles, with at least 2 years in a leadership capacity
Deep technical foundation: you've worked as or alongside engineers and can credibly review architecture, infrastructure, and code
Experience building or significantly maturing a security program at an early-stage or high-growth company (not just maintaining one at a large enterprise)
Strong understanding of cloud security (AWS, GCP, or Azure), identity/access management, and data protection at scale
Hands-on experience with compliance frameworks (SOC 2, ISO 27001). You’ve maintained certifications and know how to expand scope without over-engineering the problem
Hands-on experience with HIPAA compliance
Comfort operating as an individual contributor and a leader simultaneously

Nice To Haves

Experience securing data pipelines or working with data-intensive platforms
Experience working in a data infrastructure company
Background in AI/ML or companies selling to technical buyers
Experience with data provenance, lineage tracking, or data governance in ML contexts
Familiarity with supply chain security
Prior experience as a customer-facing security leader

Responsibilities

Mature the Security & Compliance Program: Audit and improve the existing security program by identifying gaps, prioritizing improvements, and bringing more structure to what exists.
Formalize security policies and frameworks appropriate for our stage
Own and evolve our compliance posture. We have SOC 2 Type II in place and you'll maintain it, improve our controls, and provide automation wherever needed
Ensure compliance with HIPAA and other healthcare data regulations, and build a robust PHI protection program
Protect the Data Pipeline: Secure the end-to-end lifecycle of training data which includes ingestion, processing, storage, preparation, and delivery
Partner with engineering to embed security into CI/CD pipelines, cloud infrastructure, and data workflows
Be Technical and Hands-On: Conduct threat modeling, architecture reviews, and code-level security assessments
Lead incident response when things go wrong
Evaluate and deploy security tooling
Enable the Business: Translate security risks into business language for the executive team and board
Serve as the security face to customers, fielding security questionnaires, supporting sales cycles, and building trust with AI company partners and customers
Build a security-aware culture across the company through training and lightweight processes that don't slow teams down
Scale the Function: Decide what to build, what to buy, and what to outsource
Set the roadmap for how security evolves from Series A through a rapid growth stage