Logo for Ceribell │ Point-of-Care EEG

Cyber Security Program Manager

Role overview

Qualifications

  • 10+ years of progressive experience in cybersecurity, FedRAMP, or IT program management with a proven track record of leading large-scale security or compliance programs.
  • Demonstrated leadership in Program Management related activities, including continuous monitoring, documentation, and third-party assessments.
  • Deep expertise in NIST frameworks (800-53, 800-30, 800-161) with the ability to advise teams and influence policy and control implementation.
  • Experience overseeing multiple compliance programs (e.g., SOC 2 Type 2, HIPAA, SOX ITGC) and ensuring cross-functional coordination for audit readiness.

Responsibilities

  • Lead coordination efforts with Information Security and Governance Risk Compliance (GRC) leadership to plan, execute, and oversee cybersecurity initiatives.
  • Direct and refine ongoing continuous monitoring requirements to ensure effectiveness and audit readiness.
  • Help lead and participate in FedRAMP audits, driving documentation strategy, POAM tracking, and interdepartmental reporting.
  • Guide the team in identifying and prioritizing improvements for NIST 800-53 control effectiveness and maturity.

Key facts

Other skills

  • Program Management
  • Problem Solving
  • Strategic Thinking
  • Decision Making
  • Collaboration
  • Time Management

About the company

Ceribell │ Point-of-Care EEG logo

Ceribell │ Point-of-Care EEG

Ceribell is a fast growing venture-backed medical device start-up company founded by two faculty members at Stanford University. Our primary mission is to improve neurological care for emergency and ICU patients. Ceribell is focused on making EEG widely accessible, more efficient, and more cost-effective to improve the diagnosis and treatment of patients at risk for seizures. The System can be set up by any healthcare provider within minutes. Now with Clarity, Ceribell offers 24/7 continuous bedside EEG monitoring and alert.

Company details

Company typeScaleup
Company size51 - 200

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About Ceribell

Ceribell is a medical technology company focused on transforming the diagnosis and management of patients with serious neurological conditions. The Ceribell System is a novel, point-of-care electroencephalography (“EEG”) platform specifically designed to address the unmet needs of patients in the acute care setting, and is being used in hundreds of community hospitals, large academic facilities and major IDN's across the country. Our entire team is driven by a shared commitment to transforming the landscape of critical care through our rapid seizure detection technology, come join the movement!

Position Overview:

Cybersecurity Program Management

  • Lead coordination efforts with Information Security and Governance Risk & Compliance (GRC) leadership to strategically plan, execute, and oversee cybersecurity initiatives, ensuring alignment with company-wide objectives and regulatory compliance.
  • Direct and refine ongoing continuous monitoring requirements to ensure effectiveness and audit readiness.
  • Help lead and participate in FedRAMP audits, driving documentation strategy, POA&M tracking, and interdepartmental reporting between vendors, internal teams, and Security leadership.
  • Guide the team in identifying and prioritizing improvements for NIST 800-53 control effectiveness and maturity.
  • Coordination of risk assessments, vulnerability management activities, and security training schedules in collaboration with key stakeholders

IT Program Management

  • Partner and collaborate across the organization to align on strategic objectives and shape roadmaps IT and Security navigating complex, high-impact projects, with agility to re-prioritize as needed.
  • Drive initiatives to streamline operational efficiency, and maximize software utilization across the enterprise.

Governance, Risk, and Compliance (GRC)

  • Collaboration with the GRC team to ensure policies, procedures, and standards are proactively updated to maintain alignment with evolving compliance frameworks.
  • Facilitate security risk assessments, ensuring thorough documentation of critical risks and establishing measurable strategies to drive risk mitigation and accountability

Incident Response

  • Provide strategic input in incident response planning and execution, contributing to the design of response processes and assisting in escalation and resolution of security incidents as needed.

Project Management

  • Drive delivery of complex, cross-functional projects—from requirements gathering through implementation—defining schedules, scopes, and mitigation plans for enterprise-level initiatives.
  • Demonstrate expert-level capability in managing multiple, concurrent initiatives with conflicting priorities and tight deadlines, ensuring alignment with organizational goals.
  • Optimize use of project management tools such as Jira or Notion to enhance transparency, reporting, and collaboration.

What We're Looking For: 

  • 10+ years of progressive experience in cybersecurity, FedRAMP, or IT program management with a proven track record of leading large-scale security or compliance programs.
  • Demonstrated leadership in Program Management related activities, including continuous monitoring, documentation, and third-party assessments.
  • Deep expertise in NIST frameworks (800-53, 800-30, 800-161) with the ability to advise teams and influence policy and control implementation.
  • Experience overseeing multiple compliance programs (e.g., SOC 2 Type 2, HIPAA, SOX ITGC) and ensuring cross-functional coordination for audit readiness.
  • Strong executive communication skills with the ability to present complex security topics to both technical and non-technical audiences.
  • Advanced problem-solving, strategic thinking, and decision-making abilities in complex IT environments.
  • U.S. citizenship required due to federal compliance.
  • Must meet identification verification requirements prior to start.
  • Demonstrated ability to thrive in high-pressure, fast-paced environments while managing competing priorities.
  • Open to Remote candidates. 

Preferred

  • Industry-recognized certifications such as CISA, CISSP, or PMP.
  • Experience with security and monitoring tools such as Jira, Splunk, Tenable, and Trend Micro.
  • Strong knowledge of cloud architectures, especially AWS and associated services.

 

 

 

Compensation Range
$144,000$195,000 USD

A candidate’s final salary offer will be based on their skills, education, work location and experience, and thus it may differ from the posted range. Compensation may also include bonuses consistent with Ceribell’s corporate compensation plan. Note, the above description is not all-encompassing and Ceribell reserves the right to change or modify job duties and assignments at any time.

In addition to your base compensation, Ceribell offers eligible employees the following:

  • Performance-based incentive compensation (varies by role)
  • Equity opportunities
  • 100% Employer paid Health Benefits for Employees
  • 50% - 70% Employer paid Health, Dental & Vision for dependents (depending on plan selection)
  • 100% paid Life and Long-Term Disability Insurance 
  • 401(k) with a generous company match
  • Employee Stock Purchase Plan (ESPP) with a discount
  • Monthly cell phone stipend
  • Flexible paid time off
  • 13 Paid Holidays + 3 Company Wellness Days
  • Excellent parental leave policy
  • Fantastic culture with tremendous career advancement opportunities
  • Joining a mission-minded organization!

Application Deadline: Ongoing

Other Job Details
Ceribell reports transfers of value to health care providers (HCPs) as required by federal and state transparency laws. These laws and implementing regulations require Ceribell to provide government agencies with HCPs’ names, addresses and the type of payments or other value received, generally for public disclosure. If you are an HCP and we pay or reimburse your recruiting expenses as a result of interviewing with Ceribell, your name, address and the amount of payments made may be reported to the government.

Equal Opportunity Employer
Ceribell is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity or expression, national origin, age, marital status, disability, veteran status or any other characteristic protected by law. Ceribell complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Ceribell is an E-Verify employer. Any applicant with a disability who requires an accommodation during the application process should contact talent@ceribell.com to request reasonable accommodation.

Privacy Statement
For information on how Ceribell processes personal data of job applicants, please review our Privacy Policy.

Compliance Disclaimer
If you believe this job posting is non-compliant, please submit a report to legal@ceribell.com. Please note that we will not respond to inquiries unrelated to job posting compliance.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Program Manager Related jobs

Other jobs at Ceribell │ Point-of-Care EEG

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.