Head of IT and Security
Sibel Health
A BIT ABOUT SIBEL HEALTH:
With headquarters in Chicago, Illinois and an international office in Seoul, South Korea, Sibel Health is an award-winning digital health startup with a mission to deliver Better Health Data for All®. We were founded with a specific focus on our most vulnerable patients—pregnant persons and babies—where we believe wireless monitoring has the potential to do the most good worldwide. We achieve this by providing a complete monitoring solution of advanced wireless wearables, best-in-class software, and novel AI/ML algorithms all linked to the cloud. To date, we’ve launched our technologies in 20 countries, from the most advanced hospitals in the world to the most resource-constrained locations. We work with some of the most respected healthcare organizations in the world, from major philanthropies to large medical technology and pharmaceutical companies. With numerous FDA clearances and a recently completed fundraising round, we are poised for growth and expansion. We are seeking mission-driven individuals with a strong sense of purpose who believe that technology can improve the lives of our most vulnerable patients.
THE OPPORTUNITY:
We are looking for a Head of IT and Security. You will work closely with Engineering, Operations, Regulatory, and other cross-functional teams to articulate Sibel’s cybersecurity strategy, vendor management, and regulatory compliance for the company’s internal and external IT resources. This role will bring together various engineering disciplines to create a streamlined and efficient approach to code deployment, release management, CI/CD, and other internal technology processes. Sibel is a dynamic organization where we value merit and results above all else and provide the necessary tools for individual growth and success.
JOB SUMMARY:
The Head of IT and Security is responsible for overseeing all technology-related operations, including cloud infrastructure, IT and security. This role aligns technology strategy with business objectives, enhances operational efficiency, ensures security compliance, and develops processes across departments.
WHAT YOU WILL BE WORKING ON:
- Develop, implement, and maintain IT and security policies, procedures, and standards.
- Oversee internal IT operations, including employee support, device management (MDM), and vendor coordination.
- Ensure secure and stable deployment, release, and infrastructure operations across environments.
- Oversee security and architectural reviews for internal platforms and third-party systems.
- Lead efforts to ensure compliance with HIPAA, ISO 27001, FDA cybersecurity requirements, GDPR, and EU MDR, in close collaboration with QA and Regulatory teams.
- Support compliance with HIPAA, ISO 27001, and FDA cybersecurity expectations in alignment with internal QMS.
- Oversee and manage application performance monitoring and the underlying cloud and on-prem infrastructure, ensuring reliability, scalability, and security across all systems.
- Maintain company-wide visibility into IT and security posture through metrics, dashboards, and reporting.
- Provide support during external audits by presenting access logs, system documentation, configuration reviews, and evidence of adherence to internal IT and security processes.
- Oversee ongoing security training and awareness programs for employees and contractors.
- Oversee the cybersecurity activities for product development following medical device cybersecurity guidelines.
- Develop and enforce policies for incident management and service recovery, ensuring high availability for critical systems.
- Review and assess system architecture for compliance, security, and performance and advise teams on best practices.
- Lead quarterly internal IT audits covering access management, asset inventory and configuration, system logging and monitoring, and policy compliance.
ABOUT YOU:
- 8+ years of experience in IT and cybersecurity, including 3+ years in a leadership role
- Strong understanding of HIPAA, ISO 27001, SOC 2, NIST CSF, and relevant medical device standards
- Experience implementing and managing incident response, access controls, and separation of duties
- Hands-on experience with vulnerability management, incident response, and security operations
- Hands-on knowledge of Google Workspace, AWS, and enterprise MDM or endpoint security tools
- Strong communication, documentation, and cross-functional collaboration skills
YOU MAY THRIVE IN THIS ROLE IF:
- You have experience in a regulated industry (medical devices, pharma, digital health, etc.)
- You’re familiar with frameworks such as IEC 62304, ISO 14971, and FDA cybersecurity guidance, and hold certifications like CISSP, CISM, or ITIL that reflect your expertise in both information security and IT governance.
- You’ve led internal IT audits, managed access controls, and built scalable IT processes to support growing teams.
BENEFITS:
- Medical, dental, vision, life, and disability insurance
- "Take as much time as you need" policy
- Simple IRA plan with employer matching
- Company-sponsored events and lunches
- Stipend for professional development
- Opportunity to be part of a dedicated and driven team that is here to disrupt and revolutionize wireless monitoring