Chief Information Security Officer (CISO) jobs in United States

Couchbase · 1 day ago

Chief Information Security Officer (CISO)

Couchbase is leading the way with Capella, the developer data platform for critical applications in our AI world. The Chief Information Security Officer (CISO) will lead the global security strategy, define and implement the enterprise and product security posture, and ensure the protection of data and infrastructure across a hybrid SaaS and on-prem environment.

Big Data · Cloud Data Services · Database · Enterprise Software
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Enterprise strategic leader responsible for defining and executing Couchbase’s global information and cybersecurity strategy—building trust as the foundation for a database company powering mission-critical applications worldwide
Lead all aspects of security governance, architecture, operations, and incident response to safeguard our data platform, products, and cloud infrastructure
Champion a “secure-by-design” culture across engineering, cloud, and GTM functions—ensuring that security accelerates, rather than constrains, innovation
Partner with product and R&D teams to embed advanced security capabilities into Couchbase’s database, Capella cloud platform, and AI-driven initiatives
Modernize and simplify our security posture through automation, threat intelligence, and proactive risk management to support Couchbase’s ongoing digital and AI transformation
Collaborate with technology and business leaders to balance speed, trust, and compliance—integrating security into everything from software development lifecycles and infrastructure provisioning to data governance and vendor ecosystems
Develop, implement, and maintain an enterprise-wide information security strategy and governance framework aligned with organizational goals
Establish and maintain information security policies, standards, and procedures that support business continuity and risk management
Oversee enterprise-wide security risk management, including assessments and mitigation plans
Ensure compliance with relevant information security frameworks and standards including but not limited to SOC 2, HIPAA, PCI DSS, ISO
Collaborate with Legal and Compliance on evolving data privacy regulations (GDPR, CCPA, etc.) and integrate privacy by design across systems and products
Direct day-to-day security operations, including monitoring, detection, and response to threats
Lead security incident response planning and execution, acting as the senior point of escalation during security incidents
Serve as the primary advisor to the executive team and Board on cybersecurity strategy, risk posture, and incident readiness
Drive the identification and remediation of security vulnerabilities within defined SLAs
Manage key performance metrics for security maturity, leveraging automation, analytics, and AI to drive continuous improvement across detection, response, and compliance
Review, refine and mature existing security processes and tools, including but not limited to SIEM, DLP, vulnerability management, email security, endpoint security, penetration testing, threat hunting, threat analysis, security monitoring, and security incident response
Oversee business continuity and disaster recovery planning, ensuring resilience across cloud and data center operations
Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; advise on and implement secure software architecture patterns
Assess and architect security for SaaS/Cloud applications across AWS, GCP and Azure
Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases
Integrate application security tools within existing development, build, and deployment processes
Oversee the execution of dynamic & static code scan reviews and run-time tests
Own and manage the bug bounty program
Assist with the planning and execution of application penetration tests
Interface and collaborate with Engineering, Cloud, and SOC teams during security incidents
Work with customers, as needed, to explain or enhance any security policies or product-related engineering
Drive the remediation of security vulnerabilities in the products within defined SLAs
Assist in completing RFP security questionnaires

Qualification

Cybersecurity strategy, Cloud security, Risk management, Secure coding principles, Incident response, Governance framework, Security operations, Application security, Industry certifications, Collaborative skills, Growth mindset

Required

15+ years of progressive experience in information security, risk management, or IT leadership, including at least 5 years in a senior security leadership role
Proven track record leading enterprise-wide cybersecurity strategy and operations in a global, cloud-first technology company
Solid understanding of secure coding principles (e.g., OWASP Top 10, OWASP SAMM) and Agile software development practices
Demonstrated experience with security in public cloud platforms (AWS, Azure, GCP), CNAPP (Sysdig, Wiz, etc.), SAST, DAST, SCA, Networking (Firewalls, Switches, Access Points, etc.), Operating Systems (Linux, Mac, Windows), Secure Software Development, IAM, Key Management, Encryption, SIEM (Splunk, Rapid7, AlienVault, etc.), DLP (Netskope, Check Point, Proofpoint, Symantec, etc.), Email Security (Abnormal Security, Mimecast, etc.), and Endpoint Security (SentinelOne, CrowdStrike, etc.)
Strong background in application and product security, including secure software design, code analysis, penetration testing, and bug bounty management
Must have strong collaborative skills, a growth mindset, and a willingness to make tomorrow better than today
Bachelor's or Master's degree in Computer Science, Information Security, or related field

Preferred

Industry Certifications such as CISSP, CISM, CCISO are preferred

Benefits

Generous Time Off Program - Flexibility to care for you and your family
Wellness Benefits - A variety of world class medical plans to choose from, along with dental, vision, life insurance, and employee assistance programs
Financial Planning - Retirement program and Business Travel Insurance
Career Growth - Be valued, Create value approach
Fun Perks - An ergonomic and comfortable in-office / WFH setup. Food & Snacks for in-office employees.
And much more!

Company

Couchbase

Couchbase is a NoSQL cloud platform providing scalable data solutions for applications.

H1B Sponsorship

Couchbase has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (14)
2024 (16)
2023 (16)
2022 (6)
2021 (12)
2020 (17)

Funding

Current Stage: Public Company
Total Funding: $251M
Key Investors: Irenic Capital Management, GPI Capital, Sorenson Capital
2025-06-20: Acquired
2025-04-30: Post-IPO Equity
2021-07-22: IPO

Leadership Team

Matt McDonough - SVP, Product
Ravi Mayuram - SVP Products & Engineering
Company data provided by Crunchbase