Head of IT & Information Security

AI-driven threats and human error are today’s biggest enterprise security risks. Cybercriminals don’t hack systems—they exploit people. Human errors drive 70% of security breaches, making human behavior the primary and growing attack surface. At Fable, we believe that the right tools can convert people from targets to another layer of defense.

Fable is the human risk platform that directly shapes employee behavior. Designed for simplicity and enterprise scale, our agentic platform synthesizes complex employee data, pinpoints risky behaviors, and deploys highly relevant interventions to people automatically, in real time, right where they work.

Backed by Redpoint Ventures and Greylock Partners and founded by early Abnormal Security team members, Fable is solving cybersecurity’s biggest challenge in a multi-billion-dollar market. Our team includes alumni from Meta, Twitter, Flexport, and top-tier universities like Waterloo, Columbia, Berkeley, Purdue, CMU, Stanford, UCLA, and USC. We are experiencing explosive growth, making this a career-defining opportunity to join and shape the future of security.

Fable Security is hiring a Head of IT & Security to lead our security, compliance, and IT functions. Reporting to the CISO, this leader will own our compliance and certification programs, advance our risk and privacy practices, and represent Fable Security externally as part of the broader security community.

This is a high-ownership role for a leader who operates with excellence both inside and outside the organization.

• Own our compliance program, including SOC 2 and ISO 27001, and the ISMS that supports them

• Assist with operational privacy processes in support of GDPR and adherence to privacy laws across all US states and international requirements

• Assist the CISO with privacy program implementation

• Lead the third-party risk management program

• Lead AI risk management and governance

• Drive our top focus areas: identity and access management, product security, and internal IT operations

• Contribute to security research and thought leadership

• Drive and attend industry events in partnership with the go-to-market team, representing Fable Security's leadership

• Submit to and speak at conferences, building the company's presence in the security community

• An owner. You take full responsibility for outcomes across multiple domains without close direction

• 7+ years across security, compliance, and IT, including direct experience leading ISO 27001 and SOC 2 programs

• Working knowledge of GDPR and US state and international privacy requirements

• Experienced across identity, product security, risk management, and IT operations

• Comfortable representing the company externally — at events, in research, and on stage

• Clear communicator who can translate technical and regulatory requirements for any audience

• CISSP, CISM, CIPP/E, ISO 27001 Lead Implementer/Auditor, or equivalent certifications

• Established presence in the security community: publications, talks, or research contributions