Director of Database Security and Platform Protection
New York City
PineconeSearch through billions of items for similar matches to any object, in milliseconds. It’s the next generation of search, an API call away.
Pinecone is pioneering a vector database to power modern AI/ML applications. We provide customers with capabilities that until now have only been in the hands of a few tech giants - such Google’s Search and Facebook’s feed ranking. Our team consists of multiple startup founders, including the core team that created Amazon SageMaker, and is backed by some of Silicon Valley’s prominent investors.
We value integrity, passion, pushing boundaries, real-world problem solving, and a sense of humor. We work in collaboration and encourage new ideas and initiatives.
About the Role:
As the Director of Database Security and Platform Protection at Pinecone, you will be passionate about safeguarding cutting-edge technology products, driving security initiatives, and fostering a security-conscious culture. You will lead and oversee a team responsible for safeguarding the organization's data assets, focusing on data and memory protection within the database environment. You will have broad experience solving complex and highly exposed cyber security issues, as well as leading teams across security disciplines including penetration testing, security operations, encryption, or identity and access management. They need a deep understanding of the inner workings of the security department’s software and how these applications are effective against external threats, both for Pinecone and our external customers. They are “the point of contact” for various external customers when it comes to information security matters. You will report to the VP of Engineering, and you will work closely with your counterparts in Finance, Product, and Sales.
Lead and drive the development of Pinecone security strategy, policies, and best practices.
Conduct thorough security assessments, including code reviews, vulnerability assessments, and penetration testing, to identify potential weaknesses and risks.
Develop and enforce data memory protection strategies to prevent memory-based vulnerabilities, buffer overflows, and injection attacks within the database systems.
Implement and manage memory protection mechanisms and secure coding practices.
Oversee encryption protocols for securing data at rest and in motion within the database systems.
Ensure that sensitive data is adequately protected when transferred to and from the database internally and externally.
Oversee network security measures, including firewall configurations, intrusion detection and prevention systems, VPNs, and network segmentation.
Ensure that network traffic is protected and secure, both internally and externally.
Collaborate with engineering teams to integrate security practices into the software development lifecycle, ensuring secure coding standards are followed.
Design, implement, and maintain advanced security features, such as encryption, authentication, access controls, and logging mechanisms.
Monitor and respond to security incidents and vulnerabilities, performing root cause analysis and recommending corrective actions.
Stay up-to-date with the latest security threats, vulnerabilities, and industry trends, and apply this knowledge to enhance Pinecone.io's security posture.
Lead security training and awareness programs for engineering teams to promote a security-first mindset.
Collaborate with external partners and customers to address security concerns and provide guidance on secure implementation.
Bachelor's or higher degree in Computer Science, Information Security, or a related field.
Proven experience in a Director Security role with a track record of designing and implementing security solutions.
In-depth knowledge of database security, memory protection mechanisms, secure coding practices, encryption, and database access control.
Extensive experience in database security and platform security, with a strong focus on data memory protection.
In-depth understanding of application security, network security, cryptography, and secure coding practices.
Proficiency in programming languages such as Python, Java, or C++, and familiarity with web application frameworks.
Hands-on experience with security tools and technologies, including vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions.
Strong knowledge of cloud security principles and practices, preferably in AWS or similar cloud platforms.
Industry certifications such as CISSP, CISM, or CEH are a plus.
Excellent problem-solving skills and the ability to think creatively to address complex security challenges.
Exceptional communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.
We will consider exceptional candidates for remote work outside our main locations
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS C CEH CISM CISSP Cloud Computer Science Cryptography Encryption Finance Firewalls IAM Intrusion detection Java Network security Pentesting Python SDLC Security assessment Security strategy SIEM Strategy VPN Vulnerabilities
Perks/benefits: Startup environment
More jobs like this
New York City New York City Full TimeExecutive Executive-levelUSD 289K - 353K USD 289K+
Federal Reserve System
Program Director, Cybersecurity Risk and PolicyBanking Clearance Compliance Privacy Security Clearance Strategy
401(k) matching Career development Flex hours Flex vacation Health care +5
San Francisco, CA, United … San Francisco, CA, United States Full TimeExecutive Executive-levelUSD 269K - 329K USD 269K+
Head of Compliance, Emerging BusinessesAnalytics Banking Blockchain C Compliance Crypto +4
Career development Equity Flex hours Flexible spending account Flex vacation +7
., ., United States ., ., United States Full TimeExecutive Executive-levelUSD 48K - 90K * USD 48K+ *
Insider Threat Director - 100% US REMOTE ONLYAnalytics Compliance Governance Incident response Monitoring Risk assessment +3
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs