- Company Name
- Eightfold AI
- Job Title
- Director/Sr. Director, Security and Compliance
- Job Description
-
**Job Title**
Director/Senior Director, Security and Compliance
**Role Summary**
Lead enterprise‑wide security, risk management, and compliance programs for a fast‑growing AI‑powered talent platform. Develop strategy, build and scale a high‑performance team, embed secure‑by‑design into product and engineering, and ensure regulatory and vendor compliance while driving customer trust and sales enablement.
**Expectations**
- Own end‑to‑end security and compliance lifecycle across cloud, SaaS, data, identity, infrastructure, and third‑party risk.
- Align security initiatives with business goals, global expansion, and enterprise/government customer requirements.
- Deliver audit readiness for SOC 2, ISO 27001/27001, ISO 27701/42001, NIST CSF 2.0, FedRAMP, IL 4, and similar frameworks.
- Partner with sales, product, engineering, and customer success on security messaging, RFPs, and audits.
- Produce regular risk reports, metrics, and recommendations to senior leadership.
**Key Responsibilities**
1. Design and execute long‑term security and compliance strategy.
2. Build, lead, and scale GRC, security operations, risk management, incident response, vendor risk, and audit readiness teams.
3. Define and maintain policies, procedures, and controls for cloud (AWS, Azure, GCP), SaaS, endpoints, data, IAM, and third‑party risk.
4. Collaborate with Engineering/Product on secure‑by‑design and DevSecOps practices across SDLC and infrastructure deployments.
5. Manage vendor risk due diligence, audits, and continuous monitoring.
6. Oversee incident response, vulnerability management, threat intelligence, business continuity, and crisis communications.
7. Ensure compliance with SOC 2, ISO 27001/28201, ISO 27701/42001, NIST CSF, FedRAMP, IL 4, and applicable government acquisition frameworks.
8. Lead enterprise risk reporting, risk metrics, and mitigation prioritization.
9. Drive organization-wide security awareness and training initiatives.
10. Monitor emerging threats, technology trends, and regulatory changes, and advise on posture adjustments.
**Required Skills**
- Extensive experience (12+ years) in information security, risk, compliance, and GRC.
- Leadership of security/compliance teams in a cloud‑first tech startup, with proven ability to scale.
- Deep knowledge of AWS, Azure, GCP, SaaS architectures, IAM, encryption, endpoint & network security, and zero‑trust design.
- Proven audit and certification experience (SOC 2, ISO 27001/42001, FedRAMP, etc.) and regulatory risk management for enterprise/government clients.
- Strong stakeholder management, executive communication, and ability to translate technical risk into business impact.
- Experience in incident response, vulnerability management, threat intelligence, BCP/DR, and crisis communications.
- Portfolio of vendor risk management, procurement, and budget stewardship.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Security, Business, or related field (or equivalent experience).
- Preferred certifications: CISSP, CISM, CCSP, or cloud‑security specialty (e.g., AWS Certified Security Specialty).
- U.S. Person status required for regulatory compliance.
Santa Clara, United States
Hybrid
Junior
05-02-2026