Chief Information Security Officer (CISO) - Austin
About the role
This is not a traditional enterprise CISO role where you inherit a legacy infrastructure, manage a large team, and maintain the status quo. This is a hands-on, entrepreneurial builder role. You are joining at the frontier of AI security — designing systems that don't yet exist, solving problems the industry is only beginning to name, and treating security not as a cost center but as a strategic and commercial advantage.
Responsibilities
- Define and execute our security strategy from the ground up. Architect our internal security posture across infrastructure, data, and AI systems, establish governance models for how we deploy agents safely, and ensure we're prepared for compliance frameworks like SOC 2, ISO, and potentially FedRAMP as we scale into enterprise and government clients.
- Build security into AI agent systems as a first-class product feature. Design guardrails, monitoring, and policy enforcement for autonomous agents — ensuring they operate within defined boundaries, audit their own actions, and surface anomalies in real time. Implement these systems in production environments where they directly impact client outcomes.
- Develop and potentially commercialize security products. The security tooling you build internally may become standalone offerings. Identify what's missing in the market, prototype solutions, and work with our product and engineering teams to turn internal infrastructure into revenue-generating products.
- Lead incident response, threat modeling, and adversarial testing. Build and run red team exercises against our AI systems, model attack vectors that don't yet have names, and develop response frameworks for risks unique to agentic AI — things like prompt injection at scale, model extraction, or adversarial manipulation of agent behavior.
- Serve as the public face of AI security for Human Agency. Represent us in client conversations, partner discussions, and industry forums. Publish, speak, and help shape the broader conversation around AI risk, alignment, and governance. Define new security practices and standards for autonomous AI agents.
- Deploy and operate security infrastructure hands-on. Implement zero-trust architectures, secure multi-agent systems, deploy monitoring and detection tools, and build secure data pipelines. Write code, configure systems, and debug in production when necessary.
Requirements
- You've served as a CISO, VP of Security, or Head of Security at a high-growth tech company, ideally one building or deploying AI systems at scale.
- You have deep, hands-on experience securing AI and machine learning systems — not just theoretical knowledge, but real work protecting LLM architectures, model training pipelines, and inference infrastructure.
- You've built and operated cloud-native security programs across AWS, GCP, or Azure, including zero-trust frameworks, identity and access management, and secure multi-tenant architectures.
- You understand threat modeling and red teaming deeply, and you've led adversarial exercises against complex systems — ideally including AI-specific attack vectors like prompt injection, model inversion, or data poisoning.
- You've designed and implemented security monitoring, incident response, and compliance programs that scale — you know what good looks like at every stage from startup to enterprise readiness.
- You have a track record of building or contributing to security products, not just internal programs — something you shipped that customers used, or tooling that became infrastructure for others.
Qualifications
- Experience with cloud platforms such as AWS, GCP, or Azure.
- Hands-on experience with security tools and technologies relevant to AI and machine learning, such as intrusion detection systems, security orchestration and automation, and security analytics.
- Experience with security architecture and design, including zero-trust frameworks, identity and access management, and secure multi-tenant architectures.
- Experience with threat modeling and red teaming, including adversarial exercises against complex systems.
- Experience with security monitoring, incident response, and compliance programs that scale from startup to enterprise readiness.
- Experience with security product development and commercialization.
Skills
- Strong understanding of security principles and practices, particularly as they apply to AI and machine learning systems.
- Experience with cloud-native security programs and zero-trust frameworks.
- Deep understanding of threat modeling and red teaming, including adversarial exercises against complex systems.
- Experience with security monitoring, incident response, and compliance programs that scale from startup to enterprise readiness.
- Experience with security product development and commercialization.
Benefits
We offer a competitive compensation package, including a comprehensive benefits program that includes health insurance, retirement savings plans, and paid time off.
Pay
Compensation will be commensurate with experience and qualifications.
Schedule
The position is remote (U.S. or Canada).
Equal Opportunity Commitment
Human Agency is an Equal Opportunity Employer. We value diverse perspectives and are committed to building inclusive, high-performing teams where everyone can do their best work.