Head of Information Security

Security at most companies is reactive. A checkbox for auditors. A speed bump for engineers. A department that says no. That's not what we're building.

Sendbird is the #1 CPaaS platform for in-app communications — an enterprise-grade infrastructure company that gives businesses the APIs and SDKs to embed real-time chat, voice, and video directly into their own products. Over 4,000 brands trust us. Seven billion messages flow through our platform every month. 300 million monthly active users.

We powered conversations for DoorDash, Match Group, Noom, Yahoo Sports, Rakuten, and thousands more. We were good at what we did. Really good.

So we asked what comes next. With decades of leadership in communications infrastructure, the answer was clear: AI. In February 2025, we launched our AI agent for enterprise CX. Later that year, we introduced Delight.ai — and the name says everything about what we believe. AI's real promise isn't efficiency. It isn't cost savings. It's restoring what customer experience lost somewhere along the way: the feeling of being understood, of being genuinely cared for. We don't want customers to feel satisfied. We want them to feel delighted.

Delight.ai is the AI concierge for customer experience. Most AI agents forget you the moment the conversation ends. Ours doesn't. Delight.ai builds memory over time, learns preferences, and connects context across every channel—chat, SMS, email, voice, WhatsApp—without losing the thread. We're building AI that makes customers feel understood, seen, and remembered.

We're an AI company handling enterprise-grade conversations at global scale, and our customers trust us with data that matters. That trust isn't a nice-to-have. It's a competitive differentiator. It's why DoorDash and Match Group chose us. It's why we've earned certifications that our competitors are still chasing.

Security here means being a partner to the business, not a blocker. It means building systems that scale as fast as we do. It means someone who understands that being a 24/7 global platform demands proactive security thinking—not just incident response. And it means someone who recognizes that AI doesn't just change our product—it changes the threat surface too.

We're not looking for someone who manages security from a distance. We're looking for a practitioner who rolls up their sleeves, builds programs that work well, and earns trust across the engineering org by being someone people want to work with.

This reports to the CFO. You'll lead a high-functioning, mature, and global team located in the United States and South Korea, with end-to-end accountability for Security, IT, and Compliance, ensuring these functions work in harmony to support our global scale.

You'll inherit a world-class program that's already SOC 2, HIPAA, ISO 27001, and ISO 42001 compliant. Your job is to take it further. You'll own Sendbird's comprehensive information security programs, manage and evolve our compliance frameworks, partner with engineering, and continuously build a security culture that's embedded in how we work — not bolted on as an afterthought. You'll champion defense-in-depth philosophy, ensuring a multi-layered approach to security that protects our customers, our data, and our reputation.

You'll also own global IT Operations — managing our IT infrastructure, networks, servers, and data, while supporting our expanding use of AI technology across internal systems and how we work. As the primary executive responsible for safeguarding our AI-first innovation, you'll scale our global internal business systems and maintain our position as the most trusted platform for the world's most demanding enterprises.

You'll lead the team, own how we secure our infrastructure, respond to incidents, and hold our position against an increasingly complex threat landscape. This is a hands-on builder role — not a talking-head role.

• You've built and run security programs at a B2B SaaS or cloud company—not just inherited them.
• You can walk an engineer through a threat model and walk a CFO through a risk summary—without losing either of them.
• You are well versed in compliance frameworks (ISO 27001, SOC 2, HIPAA, GDPR).
• You've managed or mentored a global security team and taken genuine pride in developing the people around you.
• You are organized and methodical with strong attention to detail and an ability to analyze and interpret information.
• You thrive in ambiguity and build structure where none existed.
• Your instinct when something goes wrong is to fix, document, and improve—not assign blame.
• You treat security as a conversation with the business, not a monologue at it.
• You've started using AI tools to work faster—and you're curious about what that means for the security programs you're building.

• 10+ years of combined experience across security management, IT operations, compliance, or consulting.
• 3+ years leading or managing a team including information security planning, scheduling, assignment, and monitoring of staff resources in an IT function.
• Hands-on experience with audit frameworks: ISO 27001, SOC 2, and/or HIPAA/GDPR.
• Background in global B2B technology, SaaS, or cloud-based businesses.
• Proven track record managing security incidents end-to-end.
• Strong understanding of security and compliance challenges unique to AI/LLMs.
• Bachelor's degree in Information Security, Computer Science, MIS, or related field.

• Maintain and continuously improve Sendbird's information security program—policies, processes, and controls that hold up under scrutiny.
• Drive continuous control monitoring to ensure we stay aligned with our chosen audit frameworks.
• Translate complex compliance requirements (HIPAA, GDPR, CCPA) into practical, actionable programs.
• Evaluate and adopt AI-powered security tooling to stay ahead of a threat landscape that's evolving faster than traditional defenses.

• Work directly with the CTO and engineering teams to embed security into the product development lifecycle, not just review it at the end.
• Raise risk awareness across business stakeholders without crying wolf or creating friction.
• Be the person other teams want to work with—because you solve problems, not just flag them.
• Work with senior leaders to ensure our data privacy protocols are appropriate with our use of AI tools.

• Manage and develop a global lean security team, making sure each hire reflects and advances the goals of the program.
• Be a player-coach—this isn't a delegator role. You're in the work.

• Establish and maintain incident response protocols that are fast, clear, and practiced—not just documented.
• Continuously strengthen the security posture of a platform that never sleeps.
• Turn every incident into a lesson. Turn every lesson into a control.

• Security certifications: CISM, CISA, CISSP, or equivalent.
• Experience at a global company operating across multiple time zones and regulatory environments.

We're a team of builders and thinkers that refuse to optimize for comfort. We're building the AI agent platform for customer experience—and we intend to own the category.

For cash compensation, we set standard ranges for all roles based on function, level, and geographic location. To determine our ranges, we utilize a variety of compensation data benchmarked against similar-stage growth companies. A reasonable estimate of the current salary range for this role is $280,000 – $320,000. This range is specific to the San Francisco Bay market. We consider several factors when making final compensation decisions including, but not limited to, skill sets, experience and training, licensure and certifications, and other business and organizational needs which may cause your specific offer to vary from the amount listed above.

We offer a flexible work schedule at Sendbird. We also value collaboration and relationship building. With those values in mind, we require all employees within an hour's commute range of their local office to gather with their team in the office three days per week as a minimum. Some of our roles require a more frequent in-office schedule. Please work with your manager to understand the office time requirements for your position.

There is no such thing as a perfect candidate and the best employees come from a wide range of backgrounds, experiences, and skill sets. Sendbird is a place where everyone can learn and grow. We respect, promote, and encourage diversity for equal employment opportunities and encourage you to apply if this role excites you.

Sendbird is building the AI workforce of tomorrow, and we hire that way too. Learn more about our interview process, how we evaluate candidates, and the role AI plays along the way.