Chief Information Security Officer (CISO)

Location: Remote (U.S. or Canada)

Type: US Applicants – Full-Time; Canadian Applicants – Independent Contractor

About Human Agency

We're scaling rapidly and have a growing pipeline of opportunities that demand exceptional talent across disciplines. Our mission is to bring on individuals, from creative producers to technical experts to entrepreneurial leaders, who can help us realize this next chapter of growth.

We are a company of doers. Leaders roll up their sleeves, teams work flat, and everyone contributes to what ships. Titles don't insulate us from feedback or basics. We invite critique, learn quickly, and keep raising the bar. The best ideas win here, no matter where they come from, because clients trust us to deliver the strongest outcomes every time.

Our clients' missions, products, and bottom lines are sacred. We immerse ourselves in their world, becoming stewards of their goals and partners in solving big problems. Every product, strategy, or asset we create must be both beautiful and functional; practical, usable, and designed for real-world impact.

Humans are our most valuable resource, and we only grow by hiring people who push us forward. Across strategy, engineering, design, data, and operations, we seek out teammates who raise the bar and make us better. Always hire up, never down.

We partner with organizations of all sizes to explore, design, and implement AI strategies that are secure, scalable, and human-centered. We believe AI should amplify human potential, not replace it, and we build with that conviction in every engagement. From advisory and tooling to implementation and education, we meet clients where they are and help them integrate AI in ways that align with their mission and values. Our goal is to empower teams to work smarter, move faster, and unlock new possibilities through thoughtful, responsible innovation.

And through it all, we lead with purpose, love, and adventure. We do meaningful work with people we care about, and we make the ride an adventure worth taking. Because at Human Agency, who we are and how we work are one and the same.

The Opportunity

This is not a traditional enterprise CISO role where you inherit a legacy infrastructure, manage a large team, and maintain the status quo. This is a hands-on, entrepreneurial builder role. You are joining at the frontier of AI security — designing systems that don't yet exist, solving problems the industry is only beginning to name, and treating security not as a cost center but as a strategic and commercial advantage.

We're deploying AI agents at scale across client environments, building our own AI-powered tools, and advising organizations on how to safely integrate autonomous systems into mission-critical workflows. That creates a unique security mandate: you must secure our internal operations, embed security directly into the AI products we build, and help clients deploy agents safely in regulated, high-stakes environments. You are architect, operator, and evangelist all at once.

You'll have the rare opportunity to shape how an entire category of technology gets secured. We're not asking you to retrofit old playbooks onto new problems — we're asking you to write the playbook. If you've been looking for a role where security is core to the product, where you can build things that matter, and where your work influences the broader conversation around AI safety and governance, this is it.

What You'll Own

Define and execute our security strategy from the ground up. You'll architect our internal security posture across infrastructure, data, and AI systems, establish governance models for how we deploy agents safely, and ensure we're prepared for compliance frameworks like SOC 2, ISO, and potentially FedRAMP as we scale into enterprise and government clients.

Build security into AI agent systems as a first-class product feature. You'll design guardrails, monitoring, and policy enforcement for autonomous agents — ensuring they operate within defined boundaries, audit their own actions, and surface anomalies in real time. This isn't theoretical; you'll implement these systems in production environments where they directly impact client outcomes.

Develop and potentially commercialize security products. The security tooling you build internally may become standalone offerings. You'll have the latitude to identify what's missing in the market, prototype solutions, and work with our product and engineering teams to turn internal infrastructure into revenue-generating products.

Lead incident response, threat modeling, and adversarial testing. You'll build and run red team exercises against our AI systems, model attack vectors that don't yet have names, and develop response frameworks for risks unique to agentic AI — things like prompt injection at scale, model extraction, or adversarial manipulation of agent behavior.

Serve as the public face of AI security for Human Agency. You'll represent us in client conversations, partner discussions, and industry forums. You'll publish, speak, and help shape the broader conversation around AI risk, alignment, and governance. If the industry doesn't yet have consensus on how to secure a given AI capability, you'll be one of the people defining it.

Deploy and operate security infrastructure hands-on. You'll implement zero-trust architectures, secure multi-agent systems, deploy monitoring and detection tools, and build secure data pipelines. This is not a role where you delegate all technical work — you write code, you configure systems, you debug in production when necessary.

Who You Are

Experience & Skills

• You've served as a CISO, VP of Security, or Head of Security at a high-growth tech company, ideally one building or deploying AI systems at scale.

• You have deep, hands-on experience securing AI and machine learning systems — not just theoretical knowledge, but real work protecting LLM architectures, model training pipelines, and inference infrastructure.

• You've built and operated cloud-native security programs across AWS, GCP, or Azure, including zero-trust frameworks, identity and access management, and secure multi-tenant architectures.

• You understand threat modeling and red teaming deeply, and you've led adversarial exercises against complex systems — ideally including AI-specific attack vectors like prompt injection, model inversion, or data poisoning.

• You've designed and implemented security monitoring, incident response, and compliance programs that scale — you know what good looks like at every stage from startup to enterprise readiness.

• You have a track record of building or contributing to security products, not just internal programs — something you shipped that customers used, or tooling that became infrastructure for others.

Mindset & Traits

• You think like a founder. You see security as a competitive advantage and a product opportunity, not just a compliance checkbox. You want to build things, not just manage them.

• You are comfortable with ambiguity and energized by unsolved problems. The fact that no one has secured autonomous AI agents at scale yet doesn't intimidate you — it excites you.

• You are product-minded and commercially aware. You understand that security decisions have business implications, and you can articulate trade-offs in language that non-security stakeholders understand and respect.

• You are technical enough to earn respect from engineers and pragmatic enough to earn trust from clients. You can debug a containerized agent deployment in the morning and present to a CFO in the afternoon.

• You are a teacher and a builder of institutional knowledge. You document what you learn, you share what you know, and you leave systems better than you found them.

• You care deeply about doing the right thing. You take security seriously because real people and real organizations depend on it, and you hold yourself to the highest standard even when no one is watching.

Equal Opportunity Commitment

Human Agency is an Equal Opportunity Employer. We value diverse perspectives and are committed to building inclusive, high-performing teams where everyone can do their best work.