IT Security Manager

Subsense•Palo Alto, CA

About The Position

About Subsense Subsense is a deep-tech company developing the worldâs first non-surgical, bidirectional brain-computer interface powered by plasmonic and magnetoelectric nanoparticles. Our mission is to unlock direct communication between the human brain and AI - starting with medical applications such as stroke recovery and moving toward cognitive enhancement for healthy users. Headquartered in Palo Alto, Subsense brings together leading scientists and engineers to redefine the future of humanâmachine interaction. The Opportunity We are seeking an experienced and proactive IT Security Manager to build and lead the security foundation that protects Subsenseâs people, data, research, and systems. This role is responsible for designing and operationalizing our security infrastructure from the ground up, ensuring that all environments â corporate, cloud, and laboratory â are secure, compliant, and resilient. You will partner closely with the Operations team to implement best-in-class security practices aligned with the sensitivity of our scientific work and long-term product roadmap. This position is ideal for someone who thrives in early-stage environments, combines strategic security leadership with hands-on implementation, and can scale systems and processes as the company grows.

Requirements

5+ years of experience in IT security, cybersecurity engineering, or security operations.
Ability to design and run security programs in early-stage or high-growth technical environments.
Experience securing cloud infrastructure (AWS, GCP, or Azure) and modern SaaS environments.
Strong understanding of identity and access management, endpoint security, and secure networking.
Proven ability to implement security controls that balance risk reduction, usability, and speed.
Experience building documentation for audits and compliance frameworks (SOC 2, ISO 27001, or similar) and experience in Penetration Testing (PenTest).
Skilled in incident response, root-cause analysis, and risk assessment.
Excellent communication skills, with the ability to partner across scientific, engineering, and business teams.
Startup mindset â adaptable, resourceful, hands-on, and highly execution-focused.

Nice To Haves

Familiarity with medical device cybersecurity standards and regulatory expectations (FDA premarket/postmarket guidance, IEC 62443, or similar) is a strong plus.

Responsibilities

Design, implement, and maintain foundational IT security systems, including identity and access management, endpoint protection, secure networking, vulnerability scanning, and logging/monitoring.
Develop and enforce access protocols for cloud systems, lab equipment, AI tools, research data, and corporate systems; ensure least-privilege principles and secure provisioning/deprovisioning.
Assess requirements for biotech, R&D, and enterprise compliance frameworks (SOC 2, ISO 27001, HIPAA, FDA/GLP-adjacent expectations, ISO 42001 AI Governance). Build documentation and begin phased rollout.
Collaborate with R&D to translate IT-centric security frameworks into technical requirements, and to maintain secure connectivity between Class III medical devices and enterprise IT infrastructure â including cloud platforms, hospital networks, and remote monitoring portals.
Establish a formal incident response plan, define escalation pathways, and run tabletop exercises to validate readiness and resilience.
Evaluate security posture across SaaS, cloud providers, university partners, and R&D tools. Maintain an up-to-date risk register with remediation plans.
Deploy security training and ongoing reminders tailored to a hybrid scientific and corporate environment.
Work closely with R&D, Operations, and Product to ensure security is part of workflows, cloud systems, and device management.
Provide structured plans, metrics, and updates to the CEO and leadership team around major risks, system maturity, and security investments.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume