Chief Information Security Officer - CISO

About the position

As the Chief Information Security Officer (CISO) at Amplitude, you will be responsible for developing and executing the security vision, strategy, and programs that protect our organization's and our customers' data. This executive leadership role is critical to ensuring that we maintain strong security measures in a dynamic, fast-paced environment. You will serve as the company's top security and privacy expert, working closely with other executive team members to embed best-in-class security practices into Amplitude's products, services, and internal operations.

Responsibilities

• Develop, implement, and maintain a comprehensive security strategy aligned with Amplitude's business goals and risk tolerance.
• Provide thought leadership on emerging threats, compliance requirements, and industry best practices.
• Communicate effectively with the executive team and Board of Directors regarding security risks, plans, and performance.
• Oversee the identification, assessment, and mitigation of security risks across the organization and its product lines.
• Ensure compliance with relevant regulations (e.g., GDPR, SOC 2, ISO 27001, HIPAA) and customer contractual requirements.
• Establish policies and procedures to meet compliance and governance standards, including documentation and ongoing audits.
• Work closely with engineering, product, and IT teams to integrate security controls into Amplitude's products and internal infrastructure.
• Evaluate and adopt security tools and technologies to strengthen Amplitude's defense posture.
• Regularly review and update technical security solutions to address new threats and vulnerabilities.
• Oversee the development and execution of incident response plans and escalation procedures.
• Lead and coordinate investigations into security incidents, ensuring timely resolution and thorough post-incident reviews.
• Stay informed on emerging threats and share relevant intelligence with internal teams to proactively address new risks.
• Build and lead the Information Security team, attracting and retaining top security talent.
• Foster a high-performance culture with an emphasis on collaboration, communication, and professional development.
• Define key performance indicators (KPIs) to measure the team's success and continuously improve security outcomes.
• Champion a culture of security awareness across the organization.
• Develop and deliver training programs for employees, contractors, and partners to ensure a high level of security hygiene.
• Promote a 'security by design' mindset within product, engineering, and operations teams.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• 10+ years of progressive experience in information security, with a proven track record of leadership at the executive level.
• Deep understanding of security technologies, protocols, and frameworks (e.g., encryption, SIEM, IDS/IPS, Zero Trust).
• Experience with Cloud Security (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker).
• Familiarity with secure software development lifecycle (SDLC) and DevSecOps methodologies.
• Exceptional leadership and team-building skills, with the ability to inspire and manage a diverse security team.
• Excellent communication skills, able to articulate complex security issues and solutions to non-technical stakeholders.
• Demonstrated ability to influence senior leadership, drive consensus, and make informed decisions under pressure.
• Experience navigating compliance frameworks (e.g., SOC 2, ISO 27001, HIPAA, PCI-DSS, GDPR) and regulatory environments.
• Strong track record of implementing risk management strategies and achieving measurable security outcomes.

Nice-to-haves

• CISSP, CISM, CISA, or other relevant industry certifications.

Benefits

• Excellent medical, dental and vision insurance coverages, with 100% employer-paid premiums for employee medical, dental, vision on select plans.
• Flexible time off, paid holidays, and more.
• Generous stipends to spend on what matters most to you, whether that's wellness (monthly), commuter transit/parking (monthly), learning and development (quarterly), home office equipment (annual), and much more.
• Excellent Parental benefits including: 12-20 weeks of Paid Parental Leave, Carrot Fertility Benefits/Adoption/Surrogacy support, Back-up Child Care support.
• Mental health and wellness benefits including no cost employee access to Modern Health coaching & therapy Sessions and high quality physician office experience via One Medical membership (select U.S. locations only).
• Employee Stock Purchase Program (ESPP).