Chief Information Security Officer

The next frontier of AI begins with Centific

Centific is a Seattle-based tech company pioneering the future of AI one breakthrough at a time. Learn how we're transforming the world through safe and scalable AI and empowering businesses to unlock the full potential of their data.

Domain: AI Platform & Data Foundry | Sectors: Healthcare, Public Sector, Retail

Position Summary

The Chief Information Security Officer (CISO) is responsible for leading the security, privacy, and compliance strategy across a cutting-edge AI platform and data foundry product suite. This role is critical in ensuring secure AI development and deployment across regulated industries such as healthcare, public services, and retail, where data sensitivity, ethical AI use, and regulatory compliance are paramount.

Key Responsibilities

Security Strategy & Architecture

• Define and execute a comprehensive security strategy aligned with business goals, product architecture, and sector-specific regulatory requirements.
• Lead the design and implementation of secure-by-design principles across AI pipelines, including RAG, RLHF, HITL, and red teaming modules.

Governance & Risk Management

• Establish and maintain governance frameworks for AI model lifecycle management, including auditability, explainability, and safety scoring.
• Conduct regular risk assessments and threat modeling, particularly for AI-specific threats such as data poisoning and adversarial attacks.

Incident Response & Resilience

• Develop and lead the enterprise-wide incident response program, including detection, containment, investigation, and recovery.
• Coordinate cross-functional response to security incidents and ensure continuous improvement through post-incident reviews and simulations.

Compliance & Regulatory Alignment

• Ensure compliance with global and sector-specific regulations, including HIPAA, HITECH, GDPR, CCPA, PCI-DSS, FedRAMP, and the EU AI Act.
• Lead certification and audit readiness efforts (e.g., ISO 27001, SOC 2, HITRUST).

Sector-Specific Security Oversight

• Healthcare: Secure PHI/PII in AI-driven diagnostics, imaging, and patient engagement systems.
• Public Sector: Align with NIST 800-53 and FedRAMP for civic AI deployments and law enforcement use cases.
• Retail: Protect customer data used in personalization, sentiment analysis, and recommendation engines.

Security Awareness & Culture

• Champion a security-first culture through training, awareness campaigns, and executive engagement.
• Develop role-based security education programs tailored to engineering, product, and business teams.

Customer & Partner Trust

• Serve as the executive voice on security in customer engagements, RFPs, and co-sell partnerships.
• Lead responses to customer security questionnaires and ensure transparency in data handling practices.

Operational Excellence

• Build and manage a centralized Command Control Center for real-time monitoring of AI systems, infrastructure, and compliance metrics.
• Continuously improve security operations through automation, analytics, and threat intelligence integration.

Qualifications

• 10+ years in cybersecurity leadership, with 3+ years in AI/ML or data platform environments.
• Proven experience securing AI systems in healthcare, public sector, or retail domains.
• Deep understanding of cloud-native architectures (AWS, Azure, GCP), DevSecOps, and infrastructure-as-code.
• Strong knowledge of regulatory frameworks: HIPAA, GDPR, CCPA, NIST, FedRAMP, PCI-DSS.
• Certifications such as CISSP, CISM, CCSP, or emerging AI governance credentials are preferred.

Preferred Attributes

• Experience with AI-specific compliance frameworks and ethical AI principles.
• Familiarity with data marketplaces, synthetic data generation, and human-in-the-loop (HITL) systems.
• Ability to influence executive stakeholders and shape product security strategy in a fast-paced, innovation-driven environment.