Head of Information Security - Theona

Remote Full-time
About us

Theona is a platform for building and deploying AI agents that take real actions across a company's tools and data. As those agents move into production, governing what they can access and do becomes mission-critical, and that is what this role owns. We are a fast-moving team shipping quickly.

About the role

This is our first security leader. You own security end-to-end: strategy, how we govern what our agents can do, and the trust we earn from enterprise customers. At this stage it is a player-coach role: you set direction and ship the controls yourself today, and build the team as we grow.

What you will do

Own how we govern what our agents can do: what they can access, the trust boundaries between an agent and the systems it touches, how OAuth tokens and credentials are scoped, and multi-tenant isolation. You set both the policy and the controls. This is what lets customers run agents on sensitive systems, and what carries us through enterprise security review.

Own our security strategy and posture across the platform and its cloud infrastructure, and decide where to invest first.

Be our security face to customers: own the trust center, lead enterprise security reviews, and turn what buyers ask for into our roadmap.

Build the security function as we grow. For now, you are hands-on and ship the work yourself. Keep our SOC 2 and GDPR programs on track as they mature.

What we are looking for

6+ years in security, including owning a security program end-to-end, not only contributing to one. Deep into how modern systems grant and scope access: identity, OAuth, secrets, cloud security, and multi-tenant isolation.

Technical enough to set architecture and review controls yourself, and still get hands-on.

Genuinely interested in agent and AI security: how agents are scoped, what they are trusted to do, and where the trust boundaries sit.

Fluent in talking to engineers, auditors, and enterprise security buyers, and able to own a customer security review without help.

Comfortable building from a near-blank slate as the only security person in the room.

Nice to have

Hands-on agent or LLM security: agent authorization scoping, tool-call trust boundaries, prompt and output risk.

Experience taking SOC 2, ISO 27001, or GDPR through to audit.

Multi-tenant SaaS isolation, and experience standing up a customer trust center.

Familiarity with the agent-governance landscape (EU AI Act, NIST AI RMF, ISO 42001).

What We Offer

Contractor agreement with a US-registered legal entity.

100% remote — work from anywhere in the world.

Competitive salary in USD + stock options based on contribution and strong performance.

Opportunity to join a funded startup as an early employee, with equity and long-term upside potential.

Wide field for growth — with the flexibility to contribute to the product and influence its direction from an early stage.
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Database Administrator III

Remote

Head of Account Executives DACH (m/f/d) NEW

Remote

Sr Data Scientist, Marketing (Remote)

Remote

Apply Now: Software Engineering Manager, Machine Learning - Ad

Remote

Experienced Part-Time arenaflex Home Advisor – Entry-Level Customer Support Specialist for Innovative Technology Solutions

Remote

Retail Customer Experience Associate

Remote

Experienced Data Entry Specialist – Remote Opportunity for Detail-Oriented Professionals in Data Management and Analysis

Remote

Ohio | Mental Health Therapist | Telehealth

Remote

AWS Solutions Architect- AI/ML

Remote

**Experienced Data Entry Clerk – Remote Work Opportunity at arenaflex**

Remote
← Back