IT Security Manager

IT Security Manager

Location: Bay Area, USA
On-site: Palo Alto

Position Type: Full-Time

Help us translate breakthrough neuro-nanotechnology into life-changing products.

About Subsense

Subsense is a deep-tech company developing the world’s first non-surgical, bidirectional brain-computer interface powered by plasmonic and magnetoelectric nanoparticles. Our mission is to unlock direct communication between the human brain and AI — starting with medical applications such as stroke recovery and moving toward cognitive enhancement for healthy users. Headquartered in Palo Alto, Subsense brings together leading scientists and engineers to redefine the future of human–machine interaction.

The Opportunity

We are seeking an experienced and proactive IT Security Manager to build and lead the security foundation that protects Subsense’s people, data, research, and systems. This role is responsible for designing and operationalizing our security infrastructure from the ground up, ensuring that all environments — corporate, cloud, and laboratory — are secure, compliant, and resilient.

You will partner closely with the Operations team to implement best-in-class security practices aligned with the sensitivity of our scientific work and long-term product roadmap. This position is ideal for someone who thrives in early-stage environments, combines strategic security leadership with hands-on implementation, and can scale systems and processes as the company grows.

Key Responsibilities

  • Design, implement, and maintain foundational IT security systems, including identity and access management, endpoint protection, secure networking, vulnerability scanning, and logging/monitoring.
  • Develop and enforce access protocols for cloud systems, lab equipment, AI tools, research data, and corporate systems; ensure least-privilege principles and secure provisioning/deprovisioning.
  • Assess requirements for biotech, R&D, and enterprise compliance frameworks (SOC 2, ISO 27001, HIPAA, FDA/GLP-adjacent expectations). Build documentation and begin phased rollout.
  • Establish a formal incident response plan, define escalation pathways, and run tabletop exercises to validate readiness and resilience.
  • Evaluate security posture across SaaS, cloud providers, university partners, and R&D tools. Maintain an up-to-date risk register with remediation plans.
  • Deploy security training and ongoing reminders tailored to a hybrid scientific and corporate environment.
  • Work closely with R&D, Operations, and Product to ensure security is part of workflows, cloud systems, and device management.
  • Provide structured plans, metrics, and updates to the CEO and leadership team around major risks, system maturity, and security investments.

What You Bring

Must-have experience

  • 5+ years of experience in IT security, cybersecurity engineering, or security operations.
  • Ability to design and run security programs in early-stage or high-growth technical environments.
  • Experience securing cloud infrastructure (AWS, GCP, or Azure) and modern SaaS environments.
  • Strong understanding of identity and access management, endpoint security, and secure networking.
  • Proven ability to implement security controls that balance risk reduction, usability, and speed.
  • Experience building documentation for audits and compliance frameworks (SOC 2, ISO 27001, or similar).
  • Skilled in incident response, root-cause analysis, and risk assessment.
  • Excellent communication skills, with the ability to partner across scientific, engineering, and business teams.
  • Startup mindset – adaptable, resourceful, hands-on, and highly execution-focused.
  • Fluent in written and spoken English.

Critical competencies
Security architecture and systems design · Risk assessment and mitigation · Identity and access management · Incident response leadership · Cloud and SaaS security expertise · Operational rigor and follow-through · Cross-functional collaboration · Executive communication · Vendor and third-party security evaluation · Policy creation and documentation · Prioritization under ambiguity · High-growth and startup mindset

Why Subsense

  • Mission with massive impact – Help invent and deliver a first-in-class neuromodulation platform
  • Ownership – Shape strategy, team, and culture from an early stage
  • World-class advisors & investors – Work with leading neuroscientists, clinicians, and deep-tech VCs
  • Speed & autonomy – Small, senior team shipping on three-month sprint cycles
  • Competitive package – Market-aligned salary, meaningful equity and generous benefits

Subsense is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

apply now

Max file size 10MB.
© Subsense 2024-2025
Subsense products are not authorized, cleared, or approved by the FDA for marketing in the US Performance claims have not yet been evaluated by the FDA.