
Field CISO

HeroDevs

Location: Remote

Salary: Not specified

Type: Full-time

Posted: Today, via LinkedIn

Job Description

About HeroDevs

HeroDevs is defining a new category: end-of-life open source risk management. Every modern application runs on a stack of OSS components, and a growing share of that stack is unmaintained. No security patches. No compatibility fixes. No one on call. At enterprise scale, “just upgrade” and “just accept the risk” both fail. Regulators are starting to notice.

We sell Never-Ending Support: drop-in secure replacements for EOL open source, plus the advisory and tooling to help security and engineering leaders manage what they cannot reasonably rip out. Hundreds of enterprises trust us today. We are building the category around the work.

Why this role exists

We are hiring a Field CISO to be the public voice of HeroDevs in the AppSec and security-leadership community.

You have sat in our buyer’s chair. You have owned an AppSec program at a company whose name people recognize. You have triaged CVEs in a framework the vendor abandoned three years ago. You have answered an auditor’s question about an unmaintained library. You have defended a budget line for technical debt nobody wants to fund. We want that lived experience showing up in every conversation we have: with prospects, with the press, on stage, and in our own product reviews.

What you’ll do

Lead the category conversation externally

  • Speak. Headline talks at RSA, Black Hat, BSides, OWASP Global, regional CISO summits, and the podcasts our buyers actually listen to. Plan for a major speaking moment every quarter.
  • Publish. Anchor a steady stream of original thought leadership: essays, research-backed reports, points of view. Our content and comms team supports you. The ideas and the voice are yours.
  • Convene. Build a CISO and AppSec advisory council. Host an in-person dinner program in our top metros. We want real peer relationships.

Sell from the front

  • Take the executive seat. Partner with our AEs and CRO on our most strategic accounts. Lead executive briefings. Sit across from CISOs and CIOs as a peer. Open doors our reps cannot open alone.
  • Translate value. Help prospects connect EOL OSS exposure to the metrics their boards already track: audit findings, breach probability, engineering velocity, regulatory readiness.
  • No quota. You will be a force multiplier on the deals that matter most. Influenced pipeline and win-rate lift on accounts you touch tell us it is working.

Make the inside team sharper

  • Pressure-test our positioning. Sit in on messaging reviews, sales decks, website copy, and analyst briefings. Tell us where it sounds like vendor-speak.
  • Pressure-test our product. Work with Product and Engineering as the voice of the buyer. Tell us what is missing, what is table stakes, and where our roadmap is a half-step behind the market.
  • Coach the field. Train AEs, SEs, and CSMs on how to talk to security leaders. Run internal teach-ins on the AppSec landscape, the regulatory environment, and the buyer’s day-to-day.

Who you are

  • An AppSec or security leader, recently. You have owned application security, product security, or a meaningful portion of a security program at a respected company. Likely titles: CISO, Deputy CISO, VP or Head of AppSec, VP or Head of Product Security.
  • An active voice in the community. You already speak, write, post, or podcast. You have an audience of practitioners who take what you say seriously. You are comfortable being the named, attributable face of a point of view.
  • Operator credibility. Your authority comes from having done the work. You want a platform that lets you use the authority you already have.
  • Commercially fluent. You can hold an executive conversation, qualify a real opportunity, and partner cleanly with a sales team.
  • Builder’s temperament. You want to define a category. You are energized by ambiguity, willing to write the first draft of things, and comfortable being early.

What success looks like in year one

  • HeroDevs is the named voice in EOL OSS risk management at the conferences and publications our buyers care about.
  • AppSec leaders at our top accounts know who you are and take your call.
  • Our messaging, content, and product roadmap have visibly tightened around how real security leaders talk and buy.
  • Our sales team handles executive conversations meaningfully better because of how you have coached them.
  • At least one major industry analyst recognizes us as the category leader.

Logistics

  • Reports to: CEO.
  • Location: Remote, US-based. Plan for 30 to 40 percent travel for events, customer meetings, and team offsites.
  • Compensation: Executive-level base plus meaningful equity. Range shared in the first conversation.
  • Quota: None. We measure category leadership, influenced pipeline, and internal leverage.

How to apply

Send a short note. Skip the cover letter. Tell us why this problem is worth your attention right now. Include a link or two to something you have published or a talk you have given that you are proud of.

We read everything. We move fast on the right people.
