Field Chief Security Officer
Glean
Palo Alto, CA, USA
USD 260k-320k / year + Equity
Posted on Nov 26, 2025
About Glean:
Glean is the Work AI platform that helps everyone work smarter with AI. What began as the industry’s most advanced enterprise search has evolved into a full-scale Work AI ecosystem, powering intelligent Search, an AI Assistant, and scalable AI agents on one secure, open platform. With over 100 enterprise SaaS connectors, flexible LLM choice, and robust APIs, Glean gives organizations the infrastructure to govern, scale, and customize AI across their entire business - without vendor lock-in or costly implementation cycles.
At its core, Glean is redefining how enterprises find, use, and act on knowledge. Its Enterprise Graph and Personal Knowledge Graph map the relationships between people, content, and activity, delivering deeply personalized, context-aware responses for every employee. This foundation powers Glean’s agentic capabilities - AI agents that automate real work across teams by accessing the industry’s broadest range of data: enterprise and world, structured and unstructured, historical and real-time. The result: measurable business impact through faster onboarding, hours of productivity gained each week, and smarter, safer decisions at every level.Recognized by Fast Company as one of the World’s Most Innovative Companies (Top 10, 2025), by CNBC’s Disruptor 50, Bloomberg’s AI Startups to Watch (2026), Forbes AI 50, and Gartner’s Tech Innovators in Agentic AI, Glean continues to accelerate its global impact. With customers across 50+ industries and 1,000+ employees in more than 25 countries, we’re helping the world’s largest organizations make every employee AI-fluent, and turning the superintelligent enterprise from concept into reality.
If you’re excited to shape how the world works, you’ll help build systems used daily across Microsoft Teams, Zoom, ServiceNow, Zendesk, GitHub, and many more - deeply embedded where people get things done. You’ll ship agentic capabilities on an open, extensible stack, with the craft and care required for enterprise trust, as we bring Work AI to every employee, in every company.About the Role:
Glean is seeking a Field CSO to serve as Glean’s executive, customer‑facing security leader for prospects and customers. You will build trust with CISOs, CIOs, Chief Risk/Privacy Officers, and security architects by translating Glean’s security and AI governance model into their business, regulatory, and technical context. You’ll advise on secure deployments, accelerate security reviews (DPIAs/PIAs, vendor assessments), help remove risk blockers in complex deals, and become the voice of the field back to Product, Security, Legal, and GTM. This role is not our corporate CISO. It is an external‑facing, executive advisor role aimed at helping customers successfully operationalize Glean securely and at scale.
You will:
- Act as the primary executive security advisor for named strategic accounts, partnering with Sales, SE, and CS to shape security strategy, deployment patterns, and program design for Glean’s Work AI platform.
- Lead and expedite security due diligence: DPIAs/PIAs, vendor risk assessments, data flow documentation, LLM‑related risk mitigations, and control mapping to frameworks (e.g., SOC 2, ISO 27001, HIPAA, GDPR, FedRAMP‑adjacent asks, TX‑RAMP).
- Build compelling risk narratives and decision memos for C‑suite and Boards that connect security, privacy, and compliance outcomes to measurable business value and adoption.
- Serve as an executive “title match” in late‑stage cycles; join roadmap and architecture reviews to clear risk blockers and accelerate time‑to‑value.
- Security strategy, enablement, and thought leadership
- Publish and present Glean’s AI security and governance point of view (talks, webinars, whitepapers, playbooks), with pragmatic guidance on topics like single‑tenant SaaS, customer‑hosted deployments, data residency, encryption and key management, permissions mirroring, and agent guardrails.
- Develop reusable artifacts for the field: RFP/RFI security templates, reference architectures, policy/control mappings, DPIA/PIA kits, incident communications templates, SIEM export and audit logging guides.
- Partner with Glean Product, Security/Privacy, and Legal on “voice of customer” for features and policies (e.g., residency, SIEM/audit integrations, data lifecycle, model controls, red‑teaming, prompt‑injection defenses, allow/deny model policies).
- Customer outcomes and governance
- Co‑design adoption and governance programs with customer security, IT, data, and privacy teams, including role‑based access, retention, redaction, secrets and PII controls, and ongoing audit practices.
- Advise on AI governance operating models: risk tiering for use cases, human‑in‑the‑loop controls, evaluation gates, and production guardrails for agents and workflows.
- Establish success metrics tied to security and business value (e.g., security review cycle time, audit coverage, sensitive data exposure reduction, adoption growth in high‑risk teams).
- Internal collaboration
- Partner tightly with Sales Engineering, Customer Success, and Support to create repeatable guidance for regulated and complex environments.
- Inform roadmap priorities with field‑validated requirements for security posture (e.g., model hub control, connector scopes, data egress minimization, RBAC/ABAC, audit exports).
- 10+ years in information security with executive‑level customer engagement; former CISO/CSO, Deputy CISO, Security Architect/Strategist, or advisory CISO experience strongly preferred.
- Deep command of enterprise security and cloud/SaaS controls: identity/SSO, least‑privilege, encryption at rest/in transit, key management, audit logging/SIEM, data residency/sovereignty, and third‑party risk.
- Hands‑on familiarity with major frameworks and regulatory needs: SOC 2 Type II, ISO 27001, GDPR/DPAs, HIPAA, and public sector expectations (e.g., TX‑RAMP; familiarity with FedRAMP requirements helpful).
- Demonstrated experience guiding customers through DPIAs/PIAs, vendor assessments, and contractual security annexes; ability to compress complex risk into clear executive decisions.
- Practical understanding of AI/LLM security risks and mitigations: retrieval‑augmented generation (RAG) security, prompt injection defenses, jailbreak resistance, model access policies, and agent guardrails aligned to source permissions.
- Exceptional communication and storytelling skills with C‑suite and boards; proven impact in late‑stage deals and customer expansions.
- Credible thought leadership (talks, blogs, standards bodies, community contributions) and strong industry network among CISOs and security architects.
- Experience with single‑tenant SaaS and customer‑hosted deployment models; background working with GCP/AWS controls, privacy impact assessments, and regional hosting.
- Familiarity with data security posture management, sensitive data detection and remediation programs, and audit/reporting patterns for enterprise security teams.
- Relevant certifications (e.g., CISSP, CISM, CCSP, ISO 27001 Lead Implementer, CRISC). Equivalent experience will be considered.
Location:
- This role is remote
- Preferred locations in Palo Alto, San Francisco, Nashville, or New York City
The standard base salary range for this position is $260,000.00 - $320,000.00 annually. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.
We offer a comprehensive benefits package including competitive compensation, Medical, Vision, and Dental coverage, generous time-off policy, and the opportunity to contribute to your 401k plan to support your long-term goals. When you join, you'll receive a home office improvement stipend, as well as an annual education and wellness stipends to support your growth and wellbeing. We foster a vibrant company culture through regular events, and provide healthy lunches daily to keep you fueled and focused.
We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.
#LI-REMOTE