
Principal Cyber Security Program Manager
About Ceribell
Ceribell is a medical technology company focused on transforming the diagnosis and management of patients with serious neurological conditions. The Ceribell System is a novel, point-of-care electroencephalography (“EEG”) platform specifically designed to address the unmet needs of patients in the acute care setting, and is being used in hundreds of community hospitals, large academic facilities and major IDNs across the country. Our entire team is driven by a shared commitment to transforming the landscape of critical care through our rapid seizure detection technology. Come join the movement!
Cybersecurity Program Management
- Lead coordination efforts with Information Security and Governance Risk & Compliance (GRC) leadership to strategically plan, execute, and oversee cybersecurity initiatives, ensuring alignment with company-wide objectives and regulatory compliance.
- Direct and refine ongoing continuous monitoring requirements to ensure effectiveness and audit readiness.
- Help lead and participate in FedRAMP audits, driving documentation strategy, POA&M tracking, and interdepartmental reporting between vendors, internal teams, and Security leadership.
- Guide the team in identifying and prioritizing improvements for NIST 800-53 control effectiveness and maturity.
- Coordinate risk assessments, vulnerability management activities, and security training schedules in collaboration with key stakeholders.
IT Program Management
- Partner and collaborate across the organization to align on strategic objectives and shape IT and Security roadmaps, navigating complex, high-impact projects with the agility to re-prioritize as needed.
- Drive initiatives to streamline operational efficiency and maximize software utilization across the enterprise.
This position will be hybrid, 2x/week at our Sunnyvale HQ office.
Governance, Risk, and Compliance (GRC)
- Collaborate with the GRC team to ensure policies, procedures, and standards are proactively updated to maintain alignment with evolving compliance frameworks.
- Facilitate security risk assessments, ensuring thorough documentation of critical risks and establishing measurable strategies to drive risk mitigation and accountability.
Incident Response
- Provide strategic input in incident response planning and execution, contributing to the design of response processes and assisting in escalation and resolution of security incidents as needed.
Project Management
- Drive delivery of complex, cross-functional projects, from requirements gathering through implementation, defining schedules, scopes, and mitigation plans for enterprise-level initiatives.
- Demonstrate expert-level capability in managing multiple, concurrent initiatives with conflicting priorities and tight deadlines, ensuring alignment with organizational goals.
- Optimize use of project management tools such as Jira or Notion to enhance transparency, reporting, and collaboration.
Requirements / Qualifications
- 14+ years of progressive experience in cybersecurity, FedRAMP, or IT program management with a proven track record of leading large-scale security or compliance programs.
- Demonstrated leadership in Program Management related activities, including continuous monitoring, documentation, and third-party assessments.
- Deep expertise in NIST frameworks (800-53, 800-30, 800-161) with the ability to advise teams and influence policy and control implementation.
- Experience overseeing multiple compliance programs (e.g., SOC 2 Type 2, HIPAA, SOX ITGC) and ensuring cross-functional coordination for audit readiness.
- Strong executive communication skills with the ability to present complex security topics to both technical and non-technical audiences.
- Advanced problem-solving, strategic thinking, and decision-making abilities in complex IT environments.
- U.S. citizenship required due to federal compliance.
- Must meet identification verification requirements prior to start.
- Demonstrated ability to thrive in high-pressure, fast-paced environments while managing competing priorities.
Preferred
- Industry-recognized certifications such as CISA, CISSP, or PMP.
- Experience with security and monitoring tools such as Jira, Splunk, Tenable, and Trend Micro.
- Strong knowledge of cloud architectures, especially AWS and associated services.