Couchbase
Chief Information Security Officer (CISO)
Join to apply for the
Chief Information Security Officer (CISO)
role at
Couchbase
As industries race to embrace AI, traditional database solutions fall short of rising demands for versatility, performance, and affordability. Couchbase is leading the way with Capella, the developer data platform for critical applications in our AI world. By uniting transactional, analytical, mobile, and AI workloads into a seamless, fully managed solution, Couchbase empowers developers and enterprises to build and scale applications with unmatched flexibility, performance, and cost-efficiency—from cloud to edge. Trusted by over 30% of the Fortune 100, Couchbase is unlocking innovation, accelerating AI transformation, and redefining customer experiences. Come join our mission.
The Role We are seeking an experienced and forward-thinking Chief Information Security Officer (CISO) to lead our global security strategy. The CISO will define, implement, and continuously evolve Couchbase’s enterprise and product security posture to protect our people, data, infrastructure, and customers across a hybrid SaaS and on-prem environment.
The ideal candidate is both a strategic thinker and hands‑on leader who thrives in a high‑growth, engineering‑driven organization and understands the unique challenges of securing distributed database and cloud services at scale. They work collaboratively across the company to champion a “security is everyone’s job” mindset and ensure that security solutions are robust, adaptable, and enable business growth.
Key Responsibilities Enterprise strategic leader responsible for defining and executing Couchbase’s global information and cybersecurity strategy—building trust as the foundation for a database company powering mission‑critical applications worldwide. Lead all aspects of security governance, architecture, operations, and incident response to safeguard our data platform, products, and cloud infrastructure.
Champion a “secure‑by‑design” culture across engineering, cloud, and GTM functions—ensuring that security accelerates, rather than constrains, innovation. Partner with product and R&D teams to embed advanced security capabilities into Couchbase’s database, Capella cloud platform, and AI‑driven initiatives. Modernize and simplify our security posture through automation, threat intelligence, and proactive risk management to support Couchbase’s ongoing digital and AI transformation.
Collaborate with technology and business leaders to balance speed, trust, and compliance—integrating security into everything from software development lifecycles and infrastructure provisioning to data governance and vendor ecosystems. The CISO will position Couchbase as one of the most secure, trusted, and innovation‑ready data platforms in the world.
Governance, Risk & Compliance
Develop, implement, and maintain an enterprise‑wide information security strategy and governance framework aligned with organizational goals.
Establish and maintain information security policies, standards, and procedures that support business continuity and risk management. This includes continuing to build and enhance governance, privacy, and security frameworks to encompass AI/ML workloads and data pipelines, ensuring responsible, compliant, and secure adoption of AI technologies across the enterprise.
Oversee enterprise‑wide security risk management, including assessments, and mitigation plans.
Ensure compliance with relevant information security frameworks and standards including but not limited to SOC 2, HIPAA, PCI DSS, ISO.
Collaborate with Legal and Compliance on evolving data privacy regulations (GDPR, CCPA, etc.) and integrate privacy by design across systems and products.
Security Operations
Direct day‑to‑day security operations, including monitoring, detection, and response to threats.
Lead security incident response planning and execution, acting as the senior point of escalation during security incidents.
Serve as the primary advisor to the executive team and Board on cybersecurity strategy, risk posture, and incident readiness.
Drive the identification and remediation of security vulnerabilities within defined SLAs.
Manage key performance metrics for security maturity, leveraging automation, analytics, and AI to drive continuous improvement across detection, response, and compliance.
Review, refine and mature existing security processes and tools, including SIEM, DLP, vulnerability management, email security, endpoint security, penetration testing, threat hunting, threat analysis, security monitoring, and security incident response.
Oversee business continuity and disaster recovery planning, ensuring resilience across cloud and data center operations.
Product Security
Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; advise and implement secure software architecture patterns.
Assess and architect security for SaaS/Cloud applications across AWS, GCP and Azure.
Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
Integrate application security tools within existing development, build, and deployment processes.
Oversee the execution of dynamic & static code scan reviews and run‑time tests.
Own and manage the bug bounty program.
Assist with the planning and execution of application penetration tests.
Interface and collaborate with Engineering, Cloud, and SOC teams during security incidents.
Work with customers as needed, to explain or enhance any security policies or product related engineering.
Drive the remediation of security vulnerabilities in the products within defined SLAs.
Assist in completing RFP security questionnaires.
Qualifications
15+ years of progressive experience in information security, risk management, or IT leadership, including at least 5 years in a senior security leadership role.
Proven track record leading enterprise‑wide cybersecurity strategy and operations in a global, cloud‑first technology company.
Solid understanding of secure coding principles (e.g., OWASP Top10, OWASP SAMM) and Agile software development practices.
Demonstrated experience with security in public cloud platforms (AWS, Azure, GCP), CNAPP (Sysdig, Wiz, etc), SAST, DAST, SCA, Networking (Firewalls, Switches, Access Points, etc), Operating Systems (Linux, Mac, Windows), Secure Software Development, IAM, Key Management, Encryption, SIEM (Splunk, Rapid 7, Alienvault, etc), DLP (Netskope, Checkpoint, Proofpoint, Symantec, etc), Email Security (Abnormal Security, Mimecast, etc), and Endpoint Security (SentinelOne, CrowdStrike, etc).
Strong background in application and product security, including secure software design, code analysis, penetration testing, and bug bounty management.
Must have strong collaborative skills, a growth mindset, and a willingness to make tomorrow better than today.
Industry Certifications such as CISSP, CISM, CCISO are preferred.
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
Base Pay Range $217,000—$255,000 USD
At Couchbase, we believe innovation thrives when diverse perspectives are at the table. We actively encourage applications from individuals of all backgrounds—including women, people of color, LGBTQIA+ professionals, veterans, and individuals with disabilities. If you see a role that excites you, but don’t meet every qualification, we still encourage you to apply.
Studies show underrepresented talent is less likely to apply unless they meet all the criteria. We encourage you to apply if you’re excited about the role and can bring strong contributions to our team.
If you require reasonable accommodations during the recruitment process, please let your recruiter know—we’re happy to support you.
We value diverse educational and career backgrounds. If your experience aligns with the role’s goals—even if it doesn’t follow a traditional path—we’d love to hear from you.
Benefits
Generous Time Off Program - Flexibility to care for you and your family
Wellness Benefits - A variety of world‑class medical plans to choose from, along with dental, vision, life insurance, and employee assistance programs*
Financial Planning - RSU equity program*, ESPP program*, Retirement program* and Business Travel Insurance
Career Growth - Be valued, Create value approach
Fun Perks - An ergonomic and comfortable in‑office / WFH setup. Food & Snacks for in‑office employees.
And much more!
Note: some programs are not applicable to all countries. Please discuss with a Couchbase recruiter to learn more.
Disclaimer Couchbase is committed to being an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Join an impact initiative group and experience the amazing feeling of Couchbase can‑do culture.
#J-18808-Ljbffr
Chief Information Security Officer (CISO)
role at
Couchbase
As industries race to embrace AI, traditional database solutions fall short of rising demands for versatility, performance, and affordability. Couchbase is leading the way with Capella, the developer data platform for critical applications in our AI world. By uniting transactional, analytical, mobile, and AI workloads into a seamless, fully managed solution, Couchbase empowers developers and enterprises to build and scale applications with unmatched flexibility, performance, and cost-efficiency—from cloud to edge. Trusted by over 30% of the Fortune 100, Couchbase is unlocking innovation, accelerating AI transformation, and redefining customer experiences. Come join our mission.
The Role We are seeking an experienced and forward-thinking Chief Information Security Officer (CISO) to lead our global security strategy. The CISO will define, implement, and continuously evolve Couchbase’s enterprise and product security posture to protect our people, data, infrastructure, and customers across a hybrid SaaS and on-prem environment.
The ideal candidate is both a strategic thinker and hands‑on leader who thrives in a high‑growth, engineering‑driven organization and understands the unique challenges of securing distributed database and cloud services at scale. They work collaboratively across the company to champion a “security is everyone’s job” mindset and ensure that security solutions are robust, adaptable, and enable business growth.
Key Responsibilities Enterprise strategic leader responsible for defining and executing Couchbase’s global information and cybersecurity strategy—building trust as the foundation for a database company powering mission‑critical applications worldwide. Lead all aspects of security governance, architecture, operations, and incident response to safeguard our data platform, products, and cloud infrastructure.
Champion a “secure‑by‑design” culture across engineering, cloud, and GTM functions—ensuring that security accelerates, rather than constrains, innovation. Partner with product and R&D teams to embed advanced security capabilities into Couchbase’s database, Capella cloud platform, and AI‑driven initiatives. Modernize and simplify our security posture through automation, threat intelligence, and proactive risk management to support Couchbase’s ongoing digital and AI transformation.
Collaborate with technology and business leaders to balance speed, trust, and compliance—integrating security into everything from software development lifecycles and infrastructure provisioning to data governance and vendor ecosystems. The CISO will position Couchbase as one of the most secure, trusted, and innovation‑ready data platforms in the world.
Governance, Risk & Compliance
Develop, implement, and maintain an enterprise‑wide information security strategy and governance framework aligned with organizational goals.
Establish and maintain information security policies, standards, and procedures that support business continuity and risk management. This includes continuing to build and enhance governance, privacy, and security frameworks to encompass AI/ML workloads and data pipelines, ensuring responsible, compliant, and secure adoption of AI technologies across the enterprise.
Oversee enterprise‑wide security risk management, including assessments, and mitigation plans.
Ensure compliance with relevant information security frameworks and standards including but not limited to SOC 2, HIPAA, PCI DSS, ISO.
Collaborate with Legal and Compliance on evolving data privacy regulations (GDPR, CCPA, etc.) and integrate privacy by design across systems and products.
Security Operations
Direct day‑to‑day security operations, including monitoring, detection, and response to threats.
Lead security incident response planning and execution, acting as the senior point of escalation during security incidents.
Serve as the primary advisor to the executive team and Board on cybersecurity strategy, risk posture, and incident readiness.
Drive the identification and remediation of security vulnerabilities within defined SLAs.
Manage key performance metrics for security maturity, leveraging automation, analytics, and AI to drive continuous improvement across detection, response, and compliance.
Review, refine and mature existing security processes and tools, including SIEM, DLP, vulnerability management, email security, endpoint security, penetration testing, threat hunting, threat analysis, security monitoring, and security incident response.
Oversee business continuity and disaster recovery planning, ensuring resilience across cloud and data center operations.
Product Security
Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; advise and implement secure software architecture patterns.
Assess and architect security for SaaS/Cloud applications across AWS, GCP and Azure.
Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
Integrate application security tools within existing development, build, and deployment processes.
Oversee the execution of dynamic & static code scan reviews and run‑time tests.
Own and manage the bug bounty program.
Assist with the planning and execution of application penetration tests.
Interface and collaborate with Engineering, Cloud, and SOC teams during security incidents.
Work with customers as needed, to explain or enhance any security policies or product related engineering.
Drive the remediation of security vulnerabilities in the products within defined SLAs.
Assist in completing RFP security questionnaires.
Qualifications
15+ years of progressive experience in information security, risk management, or IT leadership, including at least 5 years in a senior security leadership role.
Proven track record leading enterprise‑wide cybersecurity strategy and operations in a global, cloud‑first technology company.
Solid understanding of secure coding principles (e.g., OWASP Top10, OWASP SAMM) and Agile software development practices.
Demonstrated experience with security in public cloud platforms (AWS, Azure, GCP), CNAPP (Sysdig, Wiz, etc), SAST, DAST, SCA, Networking (Firewalls, Switches, Access Points, etc), Operating Systems (Linux, Mac, Windows), Secure Software Development, IAM, Key Management, Encryption, SIEM (Splunk, Rapid 7, Alienvault, etc), DLP (Netskope, Checkpoint, Proofpoint, Symantec, etc), Email Security (Abnormal Security, Mimecast, etc), and Endpoint Security (SentinelOne, CrowdStrike, etc).
Strong background in application and product security, including secure software design, code analysis, penetration testing, and bug bounty management.
Must have strong collaborative skills, a growth mindset, and a willingness to make tomorrow better than today.
Industry Certifications such as CISSP, CISM, CCISO are preferred.
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
Base Pay Range $217,000—$255,000 USD
At Couchbase, we believe innovation thrives when diverse perspectives are at the table. We actively encourage applications from individuals of all backgrounds—including women, people of color, LGBTQIA+ professionals, veterans, and individuals with disabilities. If you see a role that excites you, but don’t meet every qualification, we still encourage you to apply.
Studies show underrepresented talent is less likely to apply unless they meet all the criteria. We encourage you to apply if you’re excited about the role and can bring strong contributions to our team.
If you require reasonable accommodations during the recruitment process, please let your recruiter know—we’re happy to support you.
We value diverse educational and career backgrounds. If your experience aligns with the role’s goals—even if it doesn’t follow a traditional path—we’d love to hear from you.
Benefits
Generous Time Off Program - Flexibility to care for you and your family
Wellness Benefits - A variety of world‑class medical plans to choose from, along with dental, vision, life insurance, and employee assistance programs*
Financial Planning - RSU equity program*, ESPP program*, Retirement program* and Business Travel Insurance
Career Growth - Be valued, Create value approach
Fun Perks - An ergonomic and comfortable in‑office / WFH setup. Food & Snacks for in‑office employees.
And much more!
Note: some programs are not applicable to all countries. Please discuss with a Couchbase recruiter to learn more.
Disclaimer Couchbase is committed to being an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Join an impact initiative group and experience the amazing feeling of Couchbase can‑do culture.
#J-18808-Ljbffr