Chief Information Security Officer

Chief Information Security Officer (CISO)
Join to apply for the Chief Information Security Officer (CISO) role at Couchbase
As industries race to embrace AI, traditional database solutions fall short of rising demands for versatility, performance, and affordability. Couchbase is leading the way with Capella, the developer data platform for critical applications in our AI world. By uniting transactional, analytical, mobile, and AI workloads into a seamless, fully managed solution, Couchbase empowers developers and enterprises to build and scale applications with unmatched flexibility, performance, and cost-efficiencyfrom cloud to edge. Trusted by over 30% of the Fortune 100, Couchbase is unlocking innovation, accelerating AI transformation, and redefining customer experiences. We are seeking an experienced and forward-thinking Chief Information Security Officer (CISO) to lead our global security strategy. The CISO will define, implement, and continuously evolve Couchbase's enterprise and product security posture to protect our people, data, infrastructure, and customers across a hybrid SaaS and on-prem environment.
The ideal candidate is both a strategic thinker and handson leader who thrives in a highgrowth, engineeringdriven organization and understands the unique challenges of securing distributed database and cloud services at scale. Enterprise strategic leader responsible for defining and executing Couchbase's global information and cybersecurity strategybuilding trust as the foundation for a database company powering mission-critical applications worldwide. Lead all aspects of security governance, architecture, operations, and incident response to safeguard our data platform, products, and cloud infrastructure.
Champion a secure-by-design culture across engineering, cloud, and GTM functionsensuring that security accelerates, rather than constrains, innovation. Partner with product and R&D teams to embed advanced security capabilities into Couchbase's database, Capella cloud platform, and AIdriven initiatives. Modernize and simplify our security posture through automation, threat intelligence, and proactive risk management to support Couchbase's ongoing digital and AI transformation.
Collaborate with technology and business leaders to balance speed, trust, and complianceintegrating security into everything from software development lifecycles and infrastructure provisioning to data governance and vendor ecosystems. The CISO will position Couchbase as one of the most secure, trusted, and innovationready data platforms in the world.
Governance, Risk & Compliance
Develop, implement, and maintain an enterprise-wide information security strategy and governance framework aligned with organizational goals.
Establish and maintain information security policies, standards, and procedures that support business continuity and risk management. This includes continuing to build and enhance governance, privacy, and security frameworks to encompass AI/ML workloads and data pipelines, ensuring responsible, compliant, and secure adoption of AI technologies across the enterprise.
Oversee enterprise-wide security risk management, including assessments, and mitigation plans.
Ensure compliance with relevant information security frameworks and standards including but not limited to SOC2, HIPAA, PCIDSS, ISO.
Collaborate with Legal and Compliance on evolving data privacy regulations (GDPR, CCPA, etc.) Security Operations
Direct day-to-day security operations, including monitoring, detection, and response to threats.
Lead security incident response planning and execution, acting as the senior point of escalation during security incidents.
Serve as the primary advisor to the executive team and Board on cybersecurity strategy, risk posture, and incident readiness.
Manage key performance metrics for security maturity, leveraging automation, analytics, and AI to drive continuous improvement across detection, response, and compliance.
Review, refine and mature existing security processes and tools, including SIEM, DLP, vulnerability management, email security, endpoint security, penetration testing, threat hunting, threat analysis, security monitoring, and security incident response.
Oversee business continuity and disaster recovery planning, ensuring resilience across cloud and data center operations.
Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; advise and implement secure software architecture patterns.
Assess and architect security for SaaS/Cloud applications across AWS, GCP and Azure.
Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
Integrate application security tools within existing development, build, and deployment processes.
Assist with the planning and execution of application penetration tests.
Interface and collaborate with Engineering, Cloud, and SOC teams during security incidents.
Work with customers as needed, to explain or enhance any security policies or product related engineering.
15+ years of progressive experience in information security, risk management, or IT leadership, including at least 5 years in a senior security leadership role.
Proven track record leading enterprise-wide cybersecurity strategy and operations in a global, cloudfirst technology company.
Solid understanding of secure coding principles (e.g., OWASP Top10, OWASP SAMM) and Agile software development practices.
Demonstrated experience with security in public cloud platforms (AWS, Azure, GCP), CNAPP (Sysdig, Wiz, etc), SAST, DAST, SCA, Networking (Firewalls, Switches, Access Points, etc), Operating Systems (Linux, Mac, Windows), Secure Software Development, IAM, Key Management, Encryption, SIEM (Splunk, Rapid7, Alienvault, etc), DLP (Netskope, Checkpoint, Proofpoint, Symantec, etc), Email Security (Abnormal Security, Mimecast, etc), and Endpoint Security (SentinelOne, CrowdStrike, etc).
Strong background in application and product security, including secure software design, code analysis, penetration testing, and bug bounty management.
Bachelor's or Master's degree in Computer Science, Information Security, or related field.
We actively encourage applications from individuals of all backgroundsincluding women, people of color, LGBTQIA+ professionals, veterans, and individuals with disabilities. Wellness Benefits - A variety of worldclass medical plans to choose from, along with dental, vision, life insurance, and employee assistance programs
Financial Planning - RSU equity program , ESPP program , Retirement program
~ and Business Travel Insurance

Fun Perks - An ergonomic and comfortable inoffice / WFH setup. Food & Snacks for inoffice employees.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Join an impact initiative group and experience the amazing feeling of Couchbase cando culture.