Job Description

Chief Information Security Officer (CISO)

Join to apply for the Chief Information Security Officer (CISO) role at Demandbase .

Introduction

Demandbase is the only pipeline AI platform that empowers GTM teams to automate growth at scale. With a unified view of data, insights, actions, and outcomes, B2B enterprises can seamlessly align and execute their accountbased GTM strategies with confidence. Thousands of businesses trust Demandbase to maximize revenue, minimize waste, and consolidate their data and tech stacks all in one platform.

As a company, were as committed to growing careers as we are to building worldclass technology. We invest heavily in people, our culture, and the community around us. We have also continuously been recognized as One of The Best Places To Work in the San Francisco Bay Area by Fortune, and One of The 60 Best Companies To Sell For by Selling Power. Our offices are located in San Francisco, New York, Austin, Seattle, India, and the United Kingdom.

About The Role

Demandbase is seeking a forwardthinking Chief Information Security Officer to join our senior leadership team. Reporting to the CFO, this role serves as the strategic and operational leader of our global security programdriving enterprisewide security initiatives, leading worldclass talent, and safeguarding the integrity of our products, infrastructure, and data. You will be responsible for leading enterprisewide security, including product security, as well as IT.

You will shape and execute a modern security vision in alignment with our position as a categorydefining B2B marketing and advertising technology company. Were looking for an executive with deep expertise in cloudnative environments, SaaS security at scale, and a sharp eye for emerging threats and compliance challenges in 2025 and beyond.

This is a highly crossfunctional and visible rolecollaborating with engineering, legal, privacy, product, and infrastructure teams while serving as the public face of security to our customers and the broader community.

Responsibilities

• AI Productivity Strategy: Drive Demandbases AI productivity strategy by enabling responsible, highimpact adoption of AIpowered tools and platforms across the organization. Partner with crossfunctional leaders to ensure AI usage enhances efficiency, supports innovation, and aligns with security, privacy, and compliance standards.
• AI/ML Security Readiness: Anticipate and mitigate emerging risks related to AI and machine learning, including generative models, LLM usage, and automation platforms. Establish governance and technical controls to ensure safe AI adoption, protect model inputs and outputs, and maintain compliance with evolving AIrelated regulations and frameworks.
• Strategy & Execution: Develop and evolve a longterm, riskbased information security strategy that protects Demandbases digital assets, customer data, and IP across products and internal systems.
• Lead & Scale: Build, lead, and mentor a global, highperforming team of security experts across disciplines (engineering, operations, and risk). Foster a culture of innovation, accountability, and continuous improvement.
• Governance & Risk: Own the global information security governance framework and IT risk management programs. Establish and report on controls, policies, KP, and risk indicators for executive leadership and the Board.
• Cloud & Product Security: Partner with engineering and DevOps to embed security into the software development lifecycle (SDLC), CI/CD pipelines, and infrastructure. Ensure securebydesign practices for all cloudnative and customerfacing products.
• Compliance & Certifications: Partner with compliance on successful execution of global security and privacy frameworks, including SOC2, ISO27001, SOX, GDPR, CCPA, and AIspecific regulatory requirements such as the EU AI Act and NIST AIRMF.
• Privacy Collaboration: Work closely with Legal, Engineering, and Infrastructure teams to operationalize data privacy and securitybydesign principles across product and platform development.
• Executive & Customer Engagement: Act as a trusted advisor to executive leadership and a credible voice to customers, prospects, and external partners on all matters related to security, trust, and risk posture.
• Centralized Data Management: Lead centralized data management initiatives to ensure secure, compliant, and scalable handling of enterprise data across systems. Collaborate across teams to enable unified governance, improve data quality, and reduce risk exposure.
• Business Systems / Internal Tooling: Ensure strategic oversight of business systems and internal tooling, including securing critical platforms, managing thirdparty SaaS risk, and aligning internal tools with broader security and compliance goals.

Qualifications

• Leadership Experience: 12+ years in information security roles, with 5+ years at the VP/CISO level in SaaS or technologyforward companies. Proven success in leading security functions during phases of high growth and scaling.
• SaaS Security Expertise: Strong experience in securing multitenant SaaS applications running in public cloud environments (AWS, GCP, Azure), including demonstrated technical depth in public cloud architecture & best practices.
• Compliance Leadership: Track record of managing global compliance initiativesSOC2, ISO27001, SOX, GDPR, and emerging AI regulatory standards.
• Talent Builder: Demonstrated success in attracting, retaining, and developing top security talent in competitive markets.
• Product & Infrastructure Acumen: Deep understanding of secure software development practices, service ownership models, DevSecOps, and modern infrastructure security models (e.g., zero trust, SASE, identityfirst security).
• Vision + Execution: Ability to set strategy, define metrics, and lead daytoday execution with pragmatism and urgency.
• Champion for Excellence: Develop data, mechanisms, and relationships to drive individual accountability for engineering excellence and prudent risk management, in close collaboration with R&D leaders.
• Strong Communicator: Exceptional executive presence and public speaking skills; able to represent Demandbase with customers, partners, regulators, and at industry events.
• Preferred Certifications: CISSP, CCISO, or equivalent; additional certifications in risk, privacy (e.g., CIPP/US, CRISC), or cloud architecture & security (e.g., CCSK, CCSP) are a plus.

Benefits

Our benefits include options for up to 100% paid Medical and Vision premiums for employees, a flexible PTO policy, paid holidays, and access to mental health and wellness resources. We provide a 401(k) with pretax, aftertax, and Roth options, as well as shortterm/longterm disability, life insurance, and other great benefits.

Our Commitment to Diversity, Equity, and Inclusion at Demandbase

At Demandbase, we believe in creating a workplace culture that values and celebrates diversity in all its forms. We recognize that everyone brings unique experiences, perspectives, and identities to the table, and we are committed to building a community where everyone feels valued, respected, and supported. Discrimination of any kind is not tolerated, and we strive to ensure that every individual has an equal opportunity to succeed and grow regardless of gender identity, sexual orientation, disability, race, ethnicity, background, marital status, genetic information, education level, veteran status, national origin, or any other protected status. We do not automatically disqualify applicants with criminal records and will consider each applicant on a casebycase basis.

We recognize that not all candidates will have every skill or qualification listed in this job description. If you feel you have the level of experience to be successful in the role, we encourage you to apply!

We acknowledge that true diversity and inclusion requires ongoing effort, and we are committed to doing the work required to make our workplace a safe and equitable space for all. Join us in building a community where we can learn from each other, celebrate our differences, and work together.

Unsolicited Submissions

At Demandbase, we value thoughtful partnerships and direct connections with candidates. Were not accepting unsolicited resumes or outreach from thirdparty recruiting agencies. Any unsolicited submissions will not be reviewed, and no fees will be paid.

Job Tags

Similar Jobs