Workstreet

Compensation

Full Description

Why This Role is Unique: Work directly with some of the most innovative unicorns as their trusted CISO. Dive deep into technical security challenges. Be the hands-on security expert that fast-growing companies desperately need, and put your fingerprint on rapidly expanding security programs. Shape security strategies for companies disrupting entire industries. Responsibilities: Hands-On Security Leadership: Embed directly with 7-10 high-growth clients as their fractional CISO, becoming an integral part of their leadership team. Roll up your sleeves to architect security solutions, analyze infrastructure, and configure security tools. Work side-by-side with client engineering teams to implement security controls. Be the go-to expert who can jump into Slack, customer calls, etc., and provide immediate security guidance. Collaborating with GTM teams to unblock deals because of security questionnaires. Direct Client Engagement: Build deep, trusted relationships with CTOs, VPs of Engineering, and founders. Participate in daily standups, sprint planning, and engineering discussions as needed. Provide real-time security guidance during product development and feature releases. Be available for impromptu security consultations and "quick questions" that prevent major issues. Serve as the calm, knowledgeable voice during security incidents and critical decisions. Compliance & Risk Management: Personally guide clients through SOC 2, ISO 27001, and other certifications/compliance frameworks. Write and review policies, create risk registers, and manage third-party risk for clients. Conduct hands-on gap assessments and build remediation roadmaps. Work directly with auditors, answering technical questions and providing evidence. Transform compliance from a checkbox exercise into meaningful security improvements. Security Engineering Support: Review infrastructure-as-code for security best practices. Analyze cloud configurations and recommend hardening measures. Evaluate and implement security tools, often doing the initial setup yourself. Create security runbooks and automation scripts. Provide code-level guidance on secure development practices. Must-Have Qualifications: 10+ years of hands-on information security experience with deep technical expertise, client-facing and/or consulting experience. Proven track record as a CISO or senior security leader at high-growth technology companies. Expertise in cloud security (AWS, Azure, GCP) with the ability to review Terraform/CloudFormation. Hands-on experience with security tools (SIEM, CSPM, vulnerability scanners, etc.). Deep understanding of modern development practices (CI/CD, containerization, Kubernetes). Experience working directly with engineering teams in fast-paced startup environments. Track record of implementing security programs at companies scaling from Series A to IPO. Excellent technical communication skills with the ability to explain complex issues clearly. Preferred Qualifications: Background in software engineering or DevOps before moving to security. Hands-on experience with security automation and infrastructure-as-code. Active in the security community (bug bounties, research, open source contributions). Professional certifications (CISSP, OSCP, AWS Security) backed by real-world experience. Workstreet Is An Equal Opportunity Employer As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.