
Director, Information Security
Outset Medical, Inc.
full-time
Location Type: Remote
Location: United States
Salary
💰 $185,000 - $251,000 per year
About the role
- Serve as the Security Lead and Subject Matter Expert (SME) for all environments, including cloud infrastructure and on-premises systems.
- Continuously assess and evolve the organization’s security posture—driving program maturity through strategic assessments, road mapping, stakeholder alignment, and project execution.
- Monitor the external threat landscape to identify emerging attack vectors, vulnerabilities, and adversary tactics—translating threat intelligence into actionable insights that inform security strategy, initiatives and controls.
- Ensure security practices and controls align with regulatory requirements, including FDA and HIPAA, and fulfill the requirements and obligations of the HIPAA security officer.
- Support commercial functions by responding to customer cybersecurity due diligence questionnaires and security assessments—articulating Outset’s security posture, controls, and compliance practices directly to Customers.
- Lead the vendor security risk assessment process—evaluating third-party partners for compliance with Outset’s security standards, identifying potential risks, and ensuring appropriate controls are in place.
- Conduct technical evaluations of system architecture with a focus on security design and compliance, leveraging frameworks such as NIST CSF and NIST SP 800-53.
- Provide strategic leadership in identifying, assessing, and mitigating information security risks; ensure alignment with internal policies and external standards.
- Monitor emerging threats and lead the organization’s response to security incidents, serving as the primary control point and convening the Incident Response Team to investigate, contain, and resolve events.
- Develop, maintain, and enforce enterprise cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry frameworks, and organizational risk tolerance.
- Influence technology and architecture decisions as a key member of the IT leadership team.
Requirements
- 10+ years of industry experience in an information security function; leadership experience preferred.
- B.S. or M.S. in Computer Science, Information Security, or a related field.
- Professional security certifications such as CISSP, CISM, CISA, CCSP, or CEH (or equivalent).
- Proven experience leading organizations through security certifications and audits, including SOC 2, HIPAA, FIPS, and HITRUST.
- Demonstrated expertise with cloud security tools and telemetry platforms including experience with AWS (CloudTrail, IAM, Incognito, GuardDuty) and Microsoft 365 (Defender, Entra ID, Purview, Sentinel).
- Strong knowledge of risk assessment tools, technologies, and methodologies.
- Exceptional written and verbal communication skills, with the ability to influence technical and non-technical stakeholders.
- Experience in highly regulated industries.
Benefits
- Health insurance
- 401(k) matching
- Paid time off
- Professional development opportunities
- Remote work options
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
information security, security assessments, risk assessment, security design, compliance, incident response, cybersecurity policies, threat intelligence, cloud security, security controls
Soft Skills
leadership, communication, stakeholder alignment, influence, project execution, strategic thinking, problem-solving, collaboration, adaptability, analytical skills
Certifications
CISSP, CISM, CISA, CCSP, CEH