This position is open to candidates based in Israel or New York City. If you have previously applied for our NYC Director of Security Engineering role, there is no need to reapply.

About Pinecone

Pinecone is pioneering search and database technology that's revolutionizing how developers build search systems. Our managed vector database provides customers with easy-to-use capabilities that until now have only been in the hands of a few tech giants. The demand for vector databases is growing incredibly fast, and it shows in our user base. We have a large audience of ML engineers, software engineers, data scientists, and technical architects who are eager to build with our product.

Pinecone is a distributed team with clusters in New York, San Francisco, and Tel Aviv. You will be part of a world-class team from companies like Amazon, Google, Databricks, and Splunk. The company emerged from stealth in January 2021 with $10M in seed funding — led by the same legendary investor as Snowflake — followed by $28M Series A funding announced in March 2022 and $100 Series B funding announced in April 2023.

About the Role

As our first Director of Security, you will play a foundational role in helping us build Pinecone. You will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. Essentially, you will own all aspects of operating an advanced information security ecosystem and be responsible for protecting our products, systems, and customers. You will report directly to the VP of Finance & Ops.

In this role, you will:

• Develop and execute a comprehensive information security strategy and roadmap to ensure the confidentiality, integrity, and availability of our data, systems, and networks and reduce the risk of data breaches.
• Establish and maintain information security policies and procedures to ensure compliance with applicable laws, regulations and frameworks (e.g., GDPR, HIPAA, SOC 2).
• Conduct regular risk and vulnerability assessments to identify and mitigate security risks.
• Implement and manage security controls, technologies, and solutions to protect sensitive data and secure network infrastructure.
• Monitor, analyze and respond to security incidents and breaches (IR).
• Develop and deliver security awareness and training programs.
• Stay up to date with the latest industry trends, solutions and emerging threats.
• Collaborate with cross-functional teams (R&D, Legal, Product, Ops and Sales) to achieve a secure and compliant environment.
• Manage the company's IT.

We’re looking for someone with:

• 8+ years of experience in the space, including with:
• Security tools
• IT System administration (Windows, Mac and Linux).
• Networking
• 5+ years in a role similar to Director of Security or CISO.
• Experience in GCP, AWS or Azure Cloud Infrastructure as well as Kubernetes, Docker, and production environments.
• Bachelor's degree in technical fields (Master's degree is a plus).
• Relevant professional certifications such as CISS, CISM or similar.
• Extensive knowledge of security technologies and solutions, such as firewalls, intrusion detection/prevention systems, identity and access management, data encryption, etc.
• Experience in vulnerability management and mitigation.
• Inside-out understanding of cybersecurity concepts, technologies, best practices, and frameworks (e.g., ISO 27001, NIST SOC 2).
• Familiarity with regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) and experience in ensuring compliance.
• Excellent leadership skills and extreme attention to detail.

You’ll be a good fit if you:

• Enjoy a fast-growth environment and taking on responsibility.
• Are a self-starter that shines when tasked with navigating ambiguous situations.
• Have a proven track record of driving cross-functional partnership.
• Are excited by the prospect of eventually growing and leading a team of your own.
• Care as much as we do about building a vibrant and healthy company.