Director of Database Security and Platform Protection

New York City

Applications have closed


Search through billions of items for similar matches to any object, in milliseconds. It’s the next generation of search, an API call away.

View company page

About Pinecone

Pinecone is pioneering a vector database to power modern AI/ML applications. We provide customers with capabilities that until now have only been in the hands of a few tech giants - such Google’s Search and Facebook’s feed ranking. Our team consists of multiple startup founders, including the core team that created Amazon SageMaker, and is backed by some of Silicon Valley’s prominent investors.

We value integrity, passion, pushing boundaries, real-world problem solving, and a sense of humor. We work in collaboration and encourage new ideas and initiatives.

About the Role:

As the Director of Database Security and Platform Protection at Pinecone, you will be passionate about safeguarding cutting-edge technology products, driving security initiatives, and fostering a security-conscious culture. You will lead and oversee a team responsible for safeguarding the organization's data assets, focusing on data and memory protection within the database environment. You will have broad experience solving complex and highly exposed cyber security issues, as well as leading teams across security disciplines including penetration testing, security operations, encryption, or identity and access management. They need a deep understanding of the inner workings of the security department’s software and how these applications are effective against external threats, both for Pinecone and our external customers. They are “the point of contact” for various external customers when it comes to information security matters. You will report to the VP of Engineering, and you will work closely with your counterparts in Finance, Product, and Sales.


  • Lead and drive the development of Pinecone security strategy, policies, and best practices.

  • Conduct thorough security assessments, including code reviews, vulnerability assessments, and penetration testing, to identify potential weaknesses and risks.

  • Develop and enforce data memory protection strategies to prevent memory-based vulnerabilities, buffer overflows, and injection attacks within the database systems.

  • Implement and manage memory protection mechanisms and secure coding practices.

  • Oversee encryption protocols for securing data at rest and in motion within the database systems.

  • Ensure that sensitive data is adequately protected when transferred to and from the database internally and externally.

  • Oversee network security measures, including firewall configurations, intrusion detection and prevention systems, VPNs, and network segmentation.

  • Ensure that network traffic is protected and secure, both internally and externally.

  • Collaborate with engineering teams to integrate security practices into the software development lifecycle, ensuring secure coding standards are followed.

  • Design, implement, and maintain advanced security features, such as encryption, authentication, access controls, and logging mechanisms.

  • Monitor and respond to security incidents and vulnerabilities, performing root cause analysis and recommending corrective actions.

  • Stay up-to-date with the latest security threats, vulnerabilities, and industry trends, and apply this knowledge to enhance's security posture.

  • Lead security training and awareness programs for engineering teams to promote a security-first mindset.

  • Collaborate with external partners and customers to address security concerns and provide guidance on secure implementation.


  • Bachelor's or higher degree in Computer Science, Information Security, or a related field.

  • Proven experience in a Director Security role with a track record of designing and implementing security solutions.

  • In-depth knowledge of database security, memory protection mechanisms, secure coding practices, encryption, and database access control.

  • Extensive experience in database security and platform security, with a strong focus on data memory protection.

  • In-depth understanding of application security, network security, cryptography, and secure coding practices.

  • Proficiency in programming languages such as Python, Java, or C++, and familiarity with web application frameworks.

  • Hands-on experience with security tools and technologies, including vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions.

  • Strong knowledge of cloud security principles and practices, preferably in AWS or similar cloud platforms.

  • Industry certifications such as CISSP, CISM, or CEH are a plus.

  • Excellent problem-solving skills and the ability to think creatively to address complex security challenges.

  • Exceptional communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.

We will consider exceptional candidates for remote work outside our main locations

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security AWS C CEH CISM CISSP Cloud Computer Science Cryptography Encryption Finance Firewalls IAM Intrusion detection Java Network security Pentesting Python SDLC Security assessment Security strategy SIEM Strategy VPN Vulnerabilities

Perks/benefits: Startup environment

Region: North America
Country: United States
Job stats:  6  1  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.