Skip to main content
G

Chief Information Security Officer (CISO)

Groq

Location

Remote

Salary

Not specified

Type

fulltime

Posted

Today

via linkedin

Job Description

Responsibilities \& Opportunities In This Role

This is not a policy role. Groq's CISO is a builder and an operator. You will own security strategy and execution simultaneously, sitting at the intersection of infrastructure, product, and compliance.

Key Responsibilities

  • Partner closely with Engineering, Product and Data Center Infrastructure \& Ops leadership to embed security into the design, development and operation of Groq’s platform - leveraging security as a competitive differentiator that accelerates customer adoption, enables enterprise trust, and strengthens Groq’s market position.
  • Own and drive Groq's security strategy, risk posture, and compliance roadmap across infrastructure, cloud, and product.
  • Serve as a hands-on principal security engineer at launch — architecting and implementing controls directly until the team scales.
  • Lead infrastructure and cloud security across Groq's data center fleet and platform: zero-trust architecture, network segmentation, endpoint hardening, and secrets management.
  • Own GRC from day one: design and manage our governance, risk, and compliance programs, including SOC 2 Type II readiness, ISO 27001 planning, and customer security reviews.
  • Establish and operate security detection and response capabilities — building the SIEM/SOAR foundation, defining incident response playbooks, and running tabletop exercises.
  • Partner with the DC Bring-Up \& FleetOps teams to embed security controls into the data center lifecycle — from site commissioning through ongoing operations.
  • Define and enforce security standards for hardware deployment, including supply chain integrity, firmware security, and physical access controls across Groq's colo footprint.
  • Lead vendor and third-party risk management, including security reviews for colo partners, hardware suppliers, and SaaS tools.
  • Represent security in customer and enterprise conversations — answering security questionnaires, supporting sales cycles, and building customer trust.
  • Recruit and grow the security team as the business scales, transitioning from owning some IC responsibilities to people leadership as headcount expands.

Required Qualifications \& Skills

  • 12\+ years in security, with at least 5 years in a senior hands-on technical role (security engineering, detection engineering, or security architecture).
  • Experience securing GPU compute infrastructure or high-performance computing environments.
  • Proven experience building security programs from scratch at a startup or hypergrowth company — not inheriting an existing org.
  • Deep technical fluency in:

+ Cloud and infrastructure security (AWS, GCP, or Azure at scale; Kubernetes; bare-metal environments)

+ Network security: firewalls, zero-trust, micro-segmentation, InfiniBand/GPU cluster environments a plus

+ Identity and access management: SAML, OAuth, SSO, PAM, secrets management

+ Detection and response: SIEM, EDR, alerting pipelines, incident handling

  • Hands-on experience implementing and maintaining SOC 2 Type II compliance; ISO 27001 familiarity strongly preferred.
  • Ability to operate as both a strategic leader and individual contributor — you should be as comfortable in a board-level risk conversation as you are reviewing a firewall ruleset.
  • Strong written and verbal communication skills; able to translate technical risk into business language for executives and customers.
  • Comfortable working in a fast-moving, infrastructure-heavy environment where policies are written in parallel with execution.

Preferred (Nice-to-Have)

  • Familiarity with physical data center security: access control systems, CCTV, badge policies, and colo security requirements.
  • Prior experience supporting a company through FedRAMP, ISO 27001, ISO 42001, HIPAA, or other regulated framework certification.
  • Background in product security — threat modeling, SDLC security integration, or security for developer-facing APIs.
  • Relevant certifications: CISSP, CISM, CCSP, or equivalent. We care more about demonstrated judgment than credentials.

Desired Qualities

  • Builder First: You've built security programs from a blank page and know what corners can't be cut — and which ones can.
  • Technical Depth: You still enjoy getting hands-on. Architecture reviews and firewall rules are not beneath you.
  • Mission-Aligned: You understand that Groq's infrastructure is the foundation for next-generation AI. Protecting it is protecting the mission.
  • Risk-Calibrated: You make decisions with incomplete information and can communicate tradeoffs clearly without crying wolf.
  • Collaborative: Security doesn't work in isolation. You partner with engineering, ops, legal, and sales — and they're glad you do.

Why Join Us

  • Purposeful Hiring: You’re not here by accident, and neither is anyone else. Every teammate is handpicked with intention because who we build with matters.
  • Builders Wanted: You’re not just riding the rocket ship, you’re building it. Your work directly shapes the trajectory of our company.
  • Mission-Driven Work: We’re here to make a real impact. Our mission fuels everything we do.
  • Tackling Hard Problems: If easy isn’t your thing, you’re in the right place. We solve some of the most complex and exciting challenges in our space.
  • Excellence Is The Standard: High performance isn’t just encouraged, it’s the baseline. And it’s contagious.

If this sounds like you, we’d love to hear from you!

Compensation

Groq is committed to providing competitive compensation through our Total Cash philosophy, which incorporates potential bonus value directly into base pay. The total cash salary range for this position, which is inclusive of the potential bonus value, is TBD, with individual placement determined by your geographic location, experience, skills, and alignment with internal compensation standards. This range is specific to candidates located in the United States. Compensation for international candidates will vary based on local market dynamics. Beyond cash compensation, Groq currently offers a quarterly bonus as an interim alternative to equity, with plans to introduce long term incentive program participation in the near term future. Employees also receive a robust suite of benefits.

US Job Posting

This position may require access to technology and/or information subject to U.S. export control laws and regulations, including the Export Administration Regulations (EAR). To comply with these requirements, candidates for this role must meet certain citizenship or residency criteria. Specifically, they must qualify as U.S. Persons for export control purposes (i.e., U.S. citizen, U.S. lawful permanent resident (Green Card holder), or a protected individual under 8 U.S.C.

  • 1324b(a)(3) such as a refugee or asylee), or otherwise be eligible for an applicable export license.

Looking for more opportunities?

Browse thousands of graduate jobs and entry-level positions.

Browse All Jobs