Aerospike

Head of Security & Compliance

Aerospike$300K — $350K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10-12 years of experience in security roles with hands-on expertise in corporate and product security
  • 3-5 years of team management experience, balancing strategic thinking with direct involvement
  • Deep understanding of cloud security architecture and related tooling
  • Familiarity with AI-specific security risks
  • Proficient in compliance frameworks, particularly SOC 2 Type II
  • Experience communicating security posture to executive audiences
  • History of collaboration with engineering and go-to-market teams

Responsibilities

  • Own and oversee corporate endpoint, identity, and network security for a 300-person remote organization
  • Manage security tools such as SIEM and EDR, including vendor relationships
  • Conduct employee security awareness training and phishing simulations
  • Identify and assess security risks in real-time and implement mitigation strategies
  • Define security policies aligned with business goals and best practices
  • Collaborate with engineering to integrate security in product development
  • Lead SOC 2 Type II compliance and prepare for ISO 27001
  • Manage customer security assessments and technical due diligence during procurement
  • Lead incident communication for security events impacting customers
  • Oversee a growing team of security and compliance professionals and manage the security budget

Benefits

  • Opportunity to play a pivotal role in maturing security programs
  • Direct visibility to executive leadership and board
  • Ground-floor role with growth potential as the company expands
  • Make a significant impact on customer trust and data security
  • Collaborative culture blending technology and human connection
Full Job Description
Aerospike runs mission-critical, real-time data infrastructure, which means security is core to what we deliver, not a layer on top of it. We're SOC 2 Type II certified today and are hiring a Head of Security & Compliance to mature and scale what's already in place: corporate security, product and application security, and the compliance program behind it. This person builds the internal program the business runs on, protects the company's systems and its customers' data, and stands as the technical authority both the board and our customers rely on. It's a ground-floor role with direct visibility to the executive team and board, and room to grow as the function and the company do. Key Responsibilities Corporate Security • Own endpoint, identity, and network security across a ~300-person, largely remote and hybrid organization • Manage core security tooling, including SIEM, EDR, and identity and access management, and the vendor relationships behind them • Run employee security awareness training and phishing simulation programs • Identify and assess security risks within the organization in real time and implement security measures to mitigate risks • Own incident response planning and execution for corporate systems, including business continuity and disaster recovery Product Security • Define security policies, standards, and procedures aligned with business objectives and industry best practices. • Partner with engineering in a way that keeps security a natural part of how engineering ships rather than a separate gate • Own the secure development lifecycle for Aerospike's database and cloud products • Manage third-party penetration testing and the vulnerability disclosure program • Own vulnerability management and patching SLAs across the product line, including emerging risks specific to AI infrastructure workloads Compliance and Governance • Own SOC 2 Type II and lead the path toward ISO 27001 as the sales pipeline requires it, hiring and managing a compliance lead to run the program day to day • Respond to customer security questionnaires and support technical due diligence during enterprise procurement • Conduct regular security assessments and internal/external audits to ensure compliance and effectiveness. • Own customer-facing incident communication and disclosure when a security event triggers contractual notification obligations • Maintain the security portion of vendor risk assessments and data processing agreements • Serve as the primary point of contact for customer security teams during the sales cycle Leadership • Manage a team of security and compliance professionals, with a hiring plan tied to company growth • Own a security risk register and risk appetite framework, and report posture, incident trends, and compliance status against it to executive leadership and the board • Serve as the primary technical voice on security for executive leadership and customers during procurement, translating risk into terms both audiences can act on • Own the security budget and prioritize spend against risk Requirements • 10-12 years in security roles, with deep, hands-on experience in corporate and product security, including 3-5 years managing a team; a strategic thinker who is still comfortable doing the work directly given the team's current size • Deep understanding of cloud security architecture and tooling, and familiarity with emerging AI-specific security risk • Working fluency in compliance frameworks, particularly SOC 2 Type II, sufficient to hire, direct, and evaluate a compliance-focused direct report • Experience presenting security posture and risk to a board or executive audience • Track record of partnering with engineering and GTM teams as an enabler • Experience at a B2B infrastructure or database company preferred, given the technical sophistication of our prospects and customers Join us at Aerospike and be part of a dynamic team that is shaping the future of data management. Salary Range for California Based Applicants: [$300,000 - $350,000 ](actual compensation will be determined based on experience, location, and other factors permitted by law) To keep our recruitment pipeline as high-performance as our database, Aerospike uses AI-driven tools to streamline resume reviews, scheduling, and communication. While we love smart tech, we value human connection even more. AI helps us optimize the process, but real people make 100% of the actual hiring decisions.

About Aerospike

Aerospike is a leading provider of high-performance, NoSQL database technology. The company's database platform is used by some of the world's largest enterprises to power mission-critical applications and services. Aerospike's patented Hybrid Memory Architecture? delivers the speed and scale required for real-time, data-intensive applications, while its patented Cross-Datacenter Replication? technology ensures data consistency and availability across multiple data centers. The company has received numerous awards for its innovative technology and has partnerships with major cloud providers and technology companies.
Learn more about Aerospike
Size
200 employees
Industry
Founded
2009

Similar Jobs

More Jobs at Aerospike

More Information Technology Jobs

Find similar Head of Security & Compliance jobs: