Chief Information Security Officer (Part-time)

Join us as we scale our business by building on our tremendous success around the world. The massive database market is going to double over the next few years (the IDC estimates it to be $119B+ by 2025) and TiDB is a global player positioned as a major disruptor with TiDB Database and Database as a Service offering.  TiDB is an open-source, cloud-native, distributed SQL database for elastic scale and real-time analytics. Large and high-growth organizations in markets as varied as financial services, logistics, gaming, e-commerce and software as a service have successfully deployed and expanded their TiDB footprint on mission-critical applications. Our strong open-source community roots (37,000+ stars on GitHub), innovative products and inclusive culture draw passionate and dedicated people to our company. Learn more about TiDB careers and join our team to be at the forefront of innovation and growth.

We are seeking a part-time Chief Information Security Officer (CISO) to lead TiDB’s global security strategy. This role will be responsible for defining and executing a comprehensive information security, risk management, and compliance program that protects TiDB’s products, infrastructure, customers, and employees.

As CISO, you will partner closely with product, sales, legal, and executive leadership to ensure security is embedded into everything we do — from the core of TiDB to our SaaS/cloud offerings and enterprise engagements.

• Proven experience as a CISO or senior security leader in a high-growth B2B SaaS environment.
• Strong understanding of cloud security, DevSecOps, zero trust architectures, and modern compliance frameworks.
• Exceptional communicator with executive presence—comfortable interfacing with CISOs, CIOs, and security decision-makers.
• Experience supporting GTM motions, including joining sales calls, handling due diligence, and presenting to security-conscious enterprise buyers.
• Define, implement, and continuously evolve TiDB’s global information security strategy and roadmap.
• Drive adoption of best practices in application security, data security, and infrastructure hardening.
• Establish and maintain a comprehensive risk management framework aligned with ISO 27001, SOC 2, GDPR, CCPA, and other relevant standards.
• Work with legal and compliance teams to monitor evolving regulations in key markets.
• Engage directly with enterprise customers to build trust in TiDB’s security practices.

• Proven experience leading security at a global SaaS, cloud infrastructure, or database company.
• Deep understanding of distributed systems, cloud-native architectures, and DevSecOps practices.
• Strong knowledge of security frameworks and regulations (ISO 27001, SOC 2, NIST, GDPR, etc.).
• Demonstrated ability to lead incident response and crisis management.
• Excellent communication and executive presence; comfortable engaging with boards, regulators, and enterprise customers.
• Fluent public speaker or participates actively in a public facing security community.

We encourage people from underrepresented groups to apply. Come advance with us! In keeping with our values, no employee or applicant will face discrimination/harassment based on: race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. TiDB also strives to prevent other, subtler forms of inappropriate behavior (e.g., stereotyping) from ever gaining a foothold in our organization. Whether blatant or hidden, barriers to success have no place at TiDB.