Head of Information Security (Seattle)

Seattle, WA Open
Jobtailor is looking for Head of Information Security (Seattle) in Seattle, WA. This local job opportunity with ID 3753528815 is live since 2026-07-14 20:10:08.

Responsibilities
  • Own and scale the data security, compliance, and AI governance program for Humanly
  • Establish, maintain, and continuously improve the policies, procedures, and controls that protect the company and drive adoption across every function
  • Own the certification and audit roadmap and partner with engineering on secure SDLC, vulnerability management, and access governance
  • Design and run the security awareness program - onboarding, annual training, phishing simulations, and role-based training for engineers and high-risk functions
  • Own the security incident response plan and lead detection, containment, investigation, breach notification decisions, and post-incident review in partnership with legal
  • Maintain and regularly test business continuity and disaster recovery plans
  • Own the privacy program across GDPR, CCPA/CPRA, including data subject rights workflows, DPAs, and sub-processor disclosures
  • Build and operate the AI governance framework - model inventory, risk classification, review and approval, bias and fairness testing, and ongoing monitoring
  • Maintain an enterprise risk register covering security, AI, privacy, and third-party risk, and drive periodic assessments and remediation
  • Own the security and trust narrative for prospects and customers, leading responses to RFIs, RFPs, and security questionnaires alongside GTM
Requirements
  • 5+ years in information security
  • You've owned a compliance program end-to-end and not just contributed to one. You know what it takes to get to SOC 2, and what comes after
  • You've operated in a regulated environment (GDPR, CCPA, or similar) and understand privacy not as a legal checkbox but as a product and trust issue
  • Builder mindset. You can assess what's in place, decide what's worth keeping, and build what isn't there yet, without waiting for a team under you
  • Commercial orientation. You've sat in customer calls, answered security questionnaires, and know how to turn trust into a revenue lever rather than a deal blocker
  • AI governance experience, or strong familiarity with the emerging landscape. You understand the specific risks AI introduces in a data-sensitive product and have opinions on how to manage them
  • Tactical-to-strategic range. You can go from reviewing a vendor contract to advising leadership, and you're comfortable with both
  • AI fluency in your own work. You're already using AI tools to multiply your efforts, not just governing others' use of them
Hard Skills
  • information security
  • compliance program management
  • SOC 2
  • GDPR
  • CCPA
  • AI governance
  • vulnerability management
  • security incident response
  • business continuity planning
  • disaster recovery
Soft Skills
  • builder mindset
  • commercial orientation
  • tactical-to-strategic range
  • leadership
  • communication
  • problem-solving
  • collaboration
  • adaptability
  • critical thinking
  • customer engagement
#J-18808-Ljbffr

Required Skills