Chief Information Security Officer

Remote

Supabase is an Open Source and fully remote company building developer tools for databases.

We are looking for an experienced Chief Information Security Officer (CISO) to lead and improve the security of our hosted cloud offering. We manage over 1 million Postgres databases for our users and are growing fast. We are custodians of user data and securing their data is fundamental in ensuring users continue to trust us.

You will be responsible for securing the Supabase Cloud offering. Here’s what you’ll be working on:

  • Security engineering: Improve the baseline security of our product suite by evaluating features from a security perspective and making security a core part of our software development lifecycle.

  • Security as a Product: Design and develop platform security features like user-configurable firewalls, audit logs, alerting mechanisms and other tools that empower users to manage their own security.

  • Security Training: Strengthen the security culture in the company by running through attack simulations and workshops.

  • Governance and compliance: Ensure compliance with laws, regulations, and frameworks such as GDPR, PCI DSS, SOC 2 and HIPAA.

  • Incident response: Lead efforts to mitigate attacks on our platform and operationalize a robust security incident response plan.

  • Security Automation: Streamline security processes by automating controls with MDM, SIEM, and other tools.

  • Be the security expert in conversations with key customers.

  • Risk management: Identify and mitigate risks through risk assessments, audits and training sessions.

You are:

  • Passionate about securing systems and building trust through robust security practices.

  • Experienced, having worked as a CISO or in a similar leadership role for 4+ years.

  • Comfortable working in a fully remote environment and collaborating closely with engineers

  • Skilled at scaling up security programs within B2B SaaS companies

  • Experience working for developer tools or platform companies is a plus

  • An excellent communicator to both technical and non-technical audiences

We offer:

  • 100% remote work from anywhere in the world. No location-based adjustment to your salary.

  • Autonomous work. We work collaboratively on projects, but you set your own pace.

  • Health, Vision and Dental benefits. Supabase covers 100% of the cost for employees and 80% for dependants

  • Generous Tech Allowance for any office setup you need

  • Annual Education Allowance

  • Annually run off-sites.

About the team

  • We're a startup. It's unstructured.

  • We have collectively founded more than 30 startups.

  • Globally distributed team with more than 30 different nationalities.

  • We deeply believe in the efficacy of collaborative open source. We support existing communities and tools, rather than building "yet another xx".

  • We "dogfood" everything. If you use it in your project, we use it in Supabase.

Process

  • The entire process is fully remote and all communication will happen over email or via video chat.

  • Once you've submitted your application, the team will review your submission and may reach out for a short screening interview over a video call.

  • If you pass the screen you will be invited to up to four follow-up interviews.

  • The calls:

    • usually take between 20-45 minutes each depending on the interviewer.

    • most of the time, are all 1:1.

    • will be with the founders, a member of either the growth or engineering team (depending on the role) and usually one other person from your immediate team or function.

  • Once the interviews are over, the team will meet to discuss several roles and candidates and may:

    • ask one or two follow-up questions over email or a quick call.

    • go directly to making an offer.

Tags: Audits Automation CISO Cloud Compliance Firewalls GDPR Governance HIPAA Incident response Open Source PCI DSS PostgreSQL Risk assessment Risk management SaaS SDLC SIEM SOC 2

Perks/benefits: Flex vacation Health care Startup environment

Region: Remote/Anywhere
