Cyber Security Program Manager
Sunnyvale, CA - USA
Job Summary
About Ceribell
Ceribell is a medical technology company focused on transforming the diagnosis and management of patients with serious neurological conditions. The Ceribell System is a novel point-of-care electroencephalography (EEG) platform specifically designed to address the unmet needs of patients in the acute care setting and is being used in hundreds of community hospitals large academic facilities and major IDNs across the country. Our entire team is driven by a shared commitment to transforming the landscape of critical care through our rapid seizure detection technology come join the movement!
Position Overview:
Cybersecurity Program Management
- Lead coordination efforts with Information Security and Governance Risk & Compliance (GRC) leadership to strategically plan execute and oversee cybersecurity initiatives ensuring alignment with company-wide objectives and regulatory compliance.
- Direct and refine ongoing continuous monitoring requirements to ensure effectiveness and audit readiness.
- Help lead and participate in FedRAMP audits driving documentation strategy POA&M tracking and interdepartmental reporting between vendors internal teams and Security leadership.
- Guide the team in identifying and prioritizing improvements for NIST 800-53 control effectiveness and maturity.
- Coordination of risk assessments vulnerability management activities and security training schedules in collaboration with key stakeholders
IT Program Management
- Partner and collaborate across the organization to align on strategic objectives and shape roadmaps IT and Security navigating complex high-impact projects with agility to re-prioritize as needed.
- Drive initiatives to streamline operational efficiency and maximize software utilization across the enterprise.
Governance Risk and Compliance (GRC)
- Collaboration with the GRC team to ensure policies procedures and standards are proactively updated to maintain alignment with evolving compliance frameworks.
- Facilitate security risk assessments ensuring thorough documentation of critical risks and establishing measurable strategies to drive risk mitigation and accountability
Incident Response
- Provide strategic input in incident response planning and execution contributing to the design of response processes and assisting in escalation and resolution of security incidents as needed.
Project Management
- Drive delivery of complex cross-functional projectsfrom requirements gathering through implementationdefining schedules scopes and mitigation plans for enterprise-level initiatives.
- Demonstrate expert-level capability in managing multiple concurrent initiatives with conflicting priorities and tight deadlines ensuring alignment with organizational goals.
- Optimize use of project management tools such as Jira or Notion to enhance transparency reporting and collaboration.
What Were Looking For:
- 10 years of progressive experience in cybersecurity FedRAMP or IT program management with a proven track record of leading large-scale security or compliance programs.
- Demonstrated leadership in Program Management related activities including continuous monitoring documentation and third-party assessments.
- Deep expertise in NIST frameworks () with the ability to advise teams and influence policy and control implementation.
- Experience overseeing multiple compliance programs (e.g. SOC 2 Type 2 HIPAA SOX ITGC) and ensuring cross-functional coordination for audit readiness.
- Strong executive communication skills with the ability to present complex security topics to both technical and non-technical audiences.
- Advanced problem-solving strategic thinking and decision-making abilities in complex IT environments.
- U.S. citizenship required due to federal compliance.
- Must meet identification verification requirements prior to start.
- Demonstrated ability to thrive in high-pressure fast-paced environments while managing competing priorities.
- Open to Remote candidates.
Preferred
- Industry-recognized certifications such as CISA CISSP or PMP.
- Experience with security and monitoring tools such as Jira Splunk Tenable and Trend Micro.
- Strong knowledge of cloud architectures especially AWS and associated services.
Compensation Range
$144000 - $195000 USD
A candidates final salary offer will be based on their skills education work location and experience and thus it may differ from the posted range. Compensation may also include bonuses consistent with Ceribells corporate compensation plan. Note the above description is not all-encompassing and Ceribell reserves the right to change or modify job duties and assignments at any time.
In addition to your base compensation Ceribell offers eligible employees the following:
- Performance-based incentive compensation (varies by role)
- Equity opportunities
- 100% Employer paid Health Benefits for Employees
- 50% - 70% Employer paid Health Dental & Vision for dependents (depending on plan selection)
- 100% paid Life and Long-Term Disability Insurance
- 401(k) with a generous company match
- Employee Stock Purchase Plan (ESPP) with a discount
- Monthly cell phone stipend
- Flexible paid time off
- 13 Paid Holidays 3 Company Wellness Days
- Excellent parental leave policy
- Fantastic culture with tremendous career advancement opportunities
- Joining a mission-minded organization!
Application Deadline: Ongoing
Other Job Details
Ceribell reports transfers of value to health care providers (HCPs) as required by federal and state transparency laws. These laws and implementing regulations require Ceribell to provide government agencies with HCPs names addresses and the type of payments or other value received generally for public disclosure. If you are an HCP and we pay or reimburse your recruiting expenses as a result of interviewing with Ceribell your name address and the amount of payments made may be reported to the government.
Equal Opportunity Employer
Ceribell is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex (including pregnancy childbirth and related medical conditions) sexual orientation gender identity or expression national origin age marital status disability veteran status or any other characteristic protected by law. Ceribell complies with all applicable national state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Ceribell is an E-Verify employer. Any applicant with a disability who requires an accommodation during the application process should contact to request reasonable accommodation.
Privacy Statement
For information on how Ceribell processes personal data of job applicants please review our Privacy Policy.
Compliance Disclaimer
If you believe this job posting is non-compliant please submit a report to . Please note that we will not respond to inquiries unrelated to job posting compliance.
Required Experience:
IC
About Company
Bill.com brings smart AP and AR automation and new bill payment capabilities to your business. Harness intelligent technology to help streamline your payments process.