Chief Information Security Officer
Starburst
San Francisco, CA
Starburst is the data platform for analytics, applications, and AI, unifying data across clouds and on-premises to accelerate AI innovation. Organizations—from startups to Fortune 500 enterprises in 60+ countries—rely on Starburst for fast data access, seamless collaboration, and enterprise-grade governance on an open hybrid data lakehouse. Wherever data lives, Starburst unlocks its full potential, powering data and AI from development to deployment. By future-proofing data architecture, Starburst helps businesses fuel innovation with AI.
About the role
The Chief Information Security Officer (CISO) will be responsible for developing and leading Starburst’s information security strategy, ensuring the confidentiality, integrity, and availability of our platform, infrastructure, and customer data. This is an engineering-centric security leadership role, embedding security into the way we design, build, and deliver our products while also meeting the compliance and regulatory expectations of our enterprise and government customers.
The CISO will partner closely with engineering, product, sales, legal, and operations teams to integrate security into business operations and technology projects. They will be the executive face of security for customers, investors, and regulators, preparing Starburst for FedRAMP authorization and public-company-level security readiness.
As a Chief Information Security Officer at Starburst, you will:
• Strategic Leadership
o Define and execute a long-term, engineering-aligned security vision and strategy.
o Build and scale a security organization that proactively enables business growth.
• Engineering & Product Security
o Embed security into engineering processes (cloud architecture, DevSecOps, data governance, AI/ML feature security).
o Drive adoption of secure development lifecycle practices without slowing innovation velocity.
• Regulatory Compliance
o Lead Starburst’s compliance programs, including FedRAMP, SOC 2, ISO 27001, GDPR, and other relevant standards.
o Ensure security controls meet the requirements of large enterprise and government customers.
• Operational Security
o Oversee Security Operations, Incident Response, Threat Detection, and Vulnerability Management.
o Manage Governance, Risk, and Compliance (GRC), vendor risk for 200+ partners, and mitigation of all tracked risks.
• Executive & Customer Engagement
o Serve as the security representative to enterprise customer CISOs, procurement teams, and boards.
o Support sales and customer success teams in closing and retaining high-value accounts.
• AI & Data Governance
o Define and lead AI security and governance initiatives to protect and monitor metadata and cached data.
o Establish guardrails for secure AI-powered features.
Some of the things we look for:
• 10+ years in information security leadership, ideally in high-growth SaaS or platform companies.
• Proven track record integrating security into engineering and product workflows.
• Experience with FedRAMP, SOC 2, ISO 27001, GDPR, and similar regulatory frameworks.
• Deep technical knowledge in cloud infrastructure security, encryption, identity, and AI/ML security.
• Excellent executive communication skills and presence; able to convey complex risks to non-technical audiences.
• Startup mindset: urgency, adaptability, ownership, and willingness to operate hands-on when needed.
Preferred Qualifications
• Prior experience as a CISO or senior security leader in a data platform or AI-driven product company.
• Background in data governance, privacy engineering, or secure multi-cloud deployments.
• Relevant security certifications (CISSP, CISM, CCSP).