TIDB

Chief Information Security Officer

part-time

Location: California, Washington • 🇺🇸 United States


Job Level

Lead

Tech Stack

Cloud, Distributed Systems

About the role

  • Lead TiDB’s global information security strategy, risk management, and compliance program to protect products, infrastructure, customers, and employees
  • Define, implement, and continuously evolve TiDB’s global information security strategy and roadmap
  • Partner closely with product, sales, legal, and executive leadership to embed security across core products, SaaS/cloud offerings, and enterprise engagements
  • Drive adoption of best practices in application security, data security, and infrastructure hardening
  • Establish and maintain a comprehensive risk management framework aligned with ISO 27001, SOC 2, GDPR, CCPA, and other relevant standards
  • Work with legal and compliance teams to monitor evolving regulations in key markets
  • Engage directly with enterprise customers to build trust in TiDB’s security practices and support security-related GTM activities (sales calls, due diligence)
  • Lead and support incident response and crisis management when necessary

Requirements

  • Proven experience as a CISO or senior security leader in a high-growth B2B SaaS environment
  • Proven experience leading security at a global SaaS, cloud infrastructure, or database company
  • Strong understanding of cloud security, DevSecOps, zero trust architectures, and modern compliance frameworks
  • Deep understanding of distributed systems, cloud-native architectures, and DevSecOps practices
  • Strong knowledge of security frameworks and regulations (ISO 27001, SOC 2, NIST, GDPR, CCPA, etc.)
  • Demonstrated ability to lead incident response and crisis management
  • Exceptional communicator with executive presence; comfortable interfacing with CISOs, CIOs, and security decision-makers
  • Experience supporting GTM motions, including joining sales calls, handling due diligence, and presenting to security-conscious enterprise buyers
  • Fluent public speaker or active participant in a public-facing security community