Job Description
Eightfold was founded with a vision to solve for employment in our society. For decades, the connection between individuals and opportunities has been based on who they are and their network's strength vs. their potential. Eightfold leverages artificial intelligence to transform how to think about skills and capabilities for individuals and how jobs and career decisions are made. Eightfold offers the industry's first AI-powered Talent Intelligence Platform to transform how organizations plan, hire, develop and retain a diverse workforce, enabling individuals to transform their careers.
To date, Eightfold AI has received more than $410 million in funding and a valuation of over $2B from leading investors to further our mission of finding the right career for everyone in the world. If you are passionate about solving one of the most fundamental challenges of our society - employment, working on hard business problems, and being part of an amazing growth story - Eightfold is the place to be!
About the Role The Director/Sr. Director, Security & Compliance will own our company-wide and global security, risk management, and compliance programs. You will set the strategic vision, build and scale the team, and partner deeply across teams like Product, Engineering, Sales, and Customer Success to embed security and compliance as enablers of growth-not just as a cost center. You will also play a key role in sales motions and customer trust discussions with Fortune 500 and government customers.
Responsibilities - Develop and execute the long-term security and compliance strategy that aligns with our business goals, growth plans, global expansion, and enterprise/government customer requirements.
- Build, lead, and scale a high-performing security & compliance team (including GRC, security and enterprise risk management, audit readiness, vendor risk, incident response).
- Define and maintain security policies, standards, procedures, and controls (covering cloud/SaaS, infrastructure, endpoints, data, identity, third-party risk).
- Partner with Engineering/Product to embed "secure by design" and DevSecOps practices in the software development lifecycle (SDLC) and infrastructure deployment.
- Lead vendor and third-party risk management, including due diligence, audits, ongoing monitoring.
- Oversee enterprise-grade incident response, vulnerability management, threat intelligence, business continuity/disaster recovery, and crisis communications.
- Ensure compliance with relevant regulatory, contractual, and customer frameworks (e.g., SOC 2, ISO 27001, ISO 27701, ISO 42001, NIST CSF 2.0, FedRAMP, IL4, and government/acquisition requirements).
- Responsible for oversight and approval of the Eightfold SSP, SAP/SAR, POA&M, Continuous Monitoring, and security controls.
- Support and engage in sales and customer trust processes: respond to security questionnaires/RFPs, participate in customer audits or security reviews, present to management.
- Owns enterprise risk, and regular risk reporting including frequent communication with senior leadership on security posture, key metrics, risk thresholds, and risk mitigation priorities.
- Drive a culture of security awareness across the organization-training, communication, incident simulation, and cross-functional collaboration.
- Monitor emerging threats, technology trends, regulatory changes, and benchmark best practices-advise on their relevance and our posture.
Qualifications - 12+ years of progressive experience in information security, risk and compliance, including at least 4 years leading teams at a tech company and preferably with experience working in a fast-growth cloud-based startup.
- Prior experience in cloud operations, with enterprise and government customer engagements (including audits, security reviews, contractual commitments).
- Deep technical understanding of cloud platforms (AWS, Azure, GCP), SaaS application architectures, identity and access management, encryption/data protection, endpoint & network security, zero-trust models.
- Strong track record of leading audit/certification programs (e.g., SOC 2, ISO 27001, FedRAMP or similar) and managing regulatory/compliance risk in enterprise and/or public sector contexts.
- Excellent communication and stakeholder management skills-comfortable presenting to executives, customers, and technical teams.
- Ability to translate technical risk into business impact, and to integrate security/compliance into go-to-market and product strategies.
- Experience managing and building teams, budgeting, vendor selection/oversight, and setting metrics/roadmaps in a lean or scaling environment.
- Certifications such as CISSP, CISM, CCSP, or cloud security specialty are strongly preferred.
- Nice to Have: Experience with government acquisition/regulatory environments, global data privacy/regulation (e.g., GDPR, CCPA), and enterprise/government contract vehicles.
- Due to regulatory requirements and potential access to controlled information, this role requires U.S. Person Status (i.e. U.S. citizen, lawful permanent resident, refugee, or asylee).
We are a team of self-starters who excel in their fields. We believe in giving you responsibility, not a task. We want you to have ownership and pride in your work and see your work's positive impact on your colleagues, our customers, and the world. We believe in providing transparency and support so you can do the best work of your career.
Hybrid Work @ Eightfold: We embrace a hybrid work model that aims to boost collaboration, enhance our culture, and drive innovation through a blend of remote and in-person work. We are committed to creating a dynamic and flexible work environment that nurtures the collaborative spirit of our team. Starting May 1, 2025, employees residing near Santa Clara, California, will return to the office
three times a week. Employees residing near our London, Bangalore, and Noida offices will return to the office twice a week with the goal of transitioning to three times per week within the year.
Eightfold.ai provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran or disability status.
Experience our comprehensive benefits with family medical, vision and dental coverage, a competitive base salary, and eligibility for equity awards and discretionary bonuses or commissions.
Please note that this role is only available in our HQ office in Santa Clara, CA. This role is hybrid and requires at least 3x per week in office. *Please note this role is open to our HQ office in Santa Clara, CA and categorized as hybrid. The base salary range below is provided for pay transparency. Base pay is only one piece of our total compensation package as this role may be eligible for bonuses and equity awards. Compensation varies depending on a number of factors including qualifications, skills, competencies, and experience. Zone is determined by location.
Zone A (SF Bay Area): Base Salary Range: $200,000 to $325,000
**The compensation range above includes both Director and Sr. Director level**
Our customer stories-
Press-
Job Tags
Permanent employment, Contract work, Work at office, Remote work, Flexible hours,