Field Chief Technology & Information Security Officer

Who we are

Socket's mission is to help developers and security teams to ship faster and spend less time on security busywork. Thousands of organizations use Socket to safely discover, audit, and manage their open source code. Our customers – from Figma to Vercel – absolutely love Socket (just read their tweetsto see for yourself!)

The company was founded by Feross Aboukhadijeh, who has worked in open source software for 10+ years writing software that receives more than a billion downloads per month. We have raised $65M in funding from the best angel investors, operators, and security leaders in the industry.

About the Role

We're searching for a Field CTO/CISO who embodies both security expertise and developer empathy. As Socket's technical authority and evangelist, you'll be the bridge between enterprise security requirements and developer experience, driving adoption by making security seamless for engineering teams while satisfying the demand of CISOs.

What You'll Do

• Lead the Technical Charge: Master Socket's product inside and out, becoming the go-to expert who can architect solutions for both security teams and developers

• Close Enterprise Deals: Lead high-stakes meetings with CTOs, CISOs, and engineering leaders, demonstrating how Socket secures the software supply chain without friction

• Travel the Circuit: Be our featured speaker at both security conferences (RSA, Black Hat) and developer events (JSConf, Node.js conferences) - expect 2-3 trips monthly

• Own the Technical Narrative: Create compelling content including documentation, integration guides, security whitepapers, and viral developer content

• Bridge Worlds: Translate between security requirements and developer needs, ensuring our product satisfies both constituencies

• Build Strategic Alliances: Forge partnerships across the security and developer ecosystems, especially with npm/GitHub

• Shape Our Brand: Establish Socket as the definitive solution for developer-first supply chain security through thought leadership

What You'll Need

• 10+ years leading and scaling security and developer platform teams at technology companies

• Deep expertise in JavaScript ecosystem and npm package management

• Proven experience with software supply chain security challenges

• Technical credibility with both security professionals and developers

• Track record of closing enterprise deals through technical leadership

• Exceptional communication across all formats (written, verbal, presentation)

• Experience building or leading developer communities

• Strategic mindset connecting technical details to business outcomes

• Excitement for extensive travel and cross-timezone customer engagement

Preferred Qualifications

• Previous experience at npm, GitHub, or major JavaScript ecosystem company

• Security certifications or recognized expertise in application security

• Open source project leadership or significant contributions

• Conference speaking experience at major industry events

At Socket, we

1. Pursue Excellence: We set ourselves apart by consistently delivering work of exceptional quality and distinction.

2. Move with urgency and focus: We prioritize swift, decisive action.

3. Think rigorously: We care about being right and it often takes reasoning from first principles to get there. We value alternative perspectives and have constructive discussions.

4. Trust and amplify: We overtrust, always assume good intent, and give specific feedback to help each other improve.

5. Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains.

6. Are customer obsessed: We relentlessly prioritize the needs of our customers, striving to exceed their expectations and delight them at every interaction.