Outset is seeking a hands-on information security leader to drive its cybersecurity and technology risk management program. The ideal candidate will bring deep expertise in both on-premises and cloud security, including insights into cloud native security solutions for Microsoft 365 and AWS platforms.
Requirements
- Serve as the Security Lead and Subject Matter Expert (SME) for all environments, including cloud infrastructure, and on-premises systems.
- Continuously assess and evolve the organization's security posture—driving program maturity through strategic assessments, road mapping, stakeholder alignment, and project execution.
- Monitor the external threat landscape to identify emerging attack vectors, vulnerabilities, and adversary tactics—translating threat intelligence into actionable insights that inform security strategy, initiatives and controls.
- Ensure security practices and controls align with regulatory requirements, including FDA and HIPAA, and fulfill the requirements and obligations of the HIPAA security officer.
- Support commercial functions by responding to customer cybersecurity due diligence questionnaires and security assessments—articulating Outset's security posture, controls, and compliance practices directly to Customers.
- Lead the vendor security risk assessment process—evaluating third-party partners for compliance with Outset's security standards, identifying potential risks, and ensuring appropriate controls are in place.
- Conduct technical evaluations of system architecture with a focus on security design and compliance, leveraging frameworks such as NIST CSF and NIST SP 800-53.
- Provide strategic leadership in identifying, assessing, and mitigating information security risks; ensure alignment with internal policies and external standards.
- Monitor emerging threats and lead the organization's response to security incidents, serving as the primary control point and convening the Incident Response Team to investigate, contain, and resolve events.
- Develop, maintain, and enforce enterprise cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry frameworks, and organizational risk tolerance.
- Influence technology and architecture decisions as a key member of the IT leadership team.
Benefits
- Generous Paid Time Off
- 401k Matching
- Retirement Plan
- Tuition Reimbursement
- Relocation Assistance
