CrawlJobs Logo

Head of Security and Compliance

eightsleep.com Logo

Eight Sleep

Location Icon

Location:
United States

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Head of Security and Compliance will be responsible for building and leading Eight Sleep’s security strategy across physical, digital, and operational domains. This leader will ensure the confidentiality, integrity, and availability of our data, systems, and devices, while also protecting our employees and customers. This is a highly cross-functional role requiring collaboration with engineering, product, legal, operations, and executive leadership.

Job Responsibility:

  • Oversight and implementation, operation and monitoring of information security tools and processes in customer production environments
  • Responsible for conducting IT risk assessments, documenting identified threats and maintaining risk register
  • Communicates information security risks to executive leadership
  • Reports information security risks annually to Eight Sleep leadership and gains approvals to bring risks to acceptable levels
  • Define and own Eight Sleep’s end-to-end security strategy across cloud, product, corporate, and customer environments
  • Serve as the primary security advisor to the executive team—translating risk into clear business decisions and helping set the company’s security posture and risk tolerance
  • Build and scale Eight Sleep’s security program, including roadmap, processes, metrics, and future team structure
  • Oversee security architecture and practices for software, cloud infrastructure, connected devices (IoT), and data storage
  • Ensure compliance with security frameworks (e.g., SOC 2, GDPR, HIPAA)
  • Lead vulnerability management, threat detection, and incident response
  • Develop protocols for access management, disaster recovery, and crisis response
  • Partner with engineering and product teams to embed security-by-design into all Eight Sleep products
  • Guide threat modeling for cloud services, mobile apps, and hardware/firmware components
  • Implement privacy and security controls that protect customer data and build trust
  • Conduct penetration tests, risk assessments, and security audits
  • Lead Eight Sleep’s compliance programs (e.g., SOC 2, GDPR) and partner with legal on privacy obligations
  • Establish policies, training programs, and awareness initiatives across the organization
  • Lead third-party risk management and vendor security reviews
  • Stay ahead of evolving global regulations around data privacy and security

Requirements:

  • 8-10+ years of experience in security engineering, with deep expertise in mobile app security, IoT device security, or cloud infrastructure security
  • Proven expertise in cybersecurity, cloud infrastructure security (AWS), IoT device security, and corporate risk management
  • Experience in consumer technology, health tech, or regulated industries is highly desirable
  • Strong knowledge of compliance standards (SOC 2, ISO 27001, HIPAA, GDPR, etc.)
  • Excellent communication and stakeholder management skills
  • Ability to balance risk with business agility in a fast-paced startup environment

Nice to have:

  • Knowledge of embedded or firmware security, secure boot processes, firmware signing, or hardware supply chain security
  • Experience with wireless communication protocols (Bluetooth, Wi-Fi) and their security implications
  • Familiarity with data observability, automated testing frameworks, or security instrumentation for IoT systems
  • Ability to lead or review low-level security considerations in constrained environments (embedded systems, microcontrollers), even if not your primary specialty
  • Experience scaling a security function from early-stage foundations to a mature, metrics-driven program
What we offer:
  • Equity participation
  • Periodic equity refreshments based on performance
  • Every Eight Sleep employee receives a Pod

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Icon
Eight Sleep - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Head of Security and Compliance

Head of Security

We are looking for a hands-on security generalist to build Metronome's security ...
Location
Location
United States , New York City; San Francisco Bay Area
Salary
Salary:
196800.00 - 246000.00 USD / Year
metronome.com Logo
Metronome
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5+ years of experience in security engineering, with a strong software engineering background before
  • Hands-on experience with SOC 2 audits, compliance frameworks, and customer security assurance
  • Deep understanding of cloud security, modern security architectures and tooling
  • Track record of building relationships with engineering teams and being seen as an enabler
  • Excellent communication skills with experience presenting to customers and executives
  • Self-starter who can work independently and manage multiple security initiatives
Job Responsibility
Job Responsibility
  • Take ownership of Metronome's entire security posture, handling everything from vulnerability management to policy updates
  • Coordinate penetration testing, security assessments, and incident response as the primary security point person
  • Manage security tooling, monitoring, and the day-to-day security work
  • Balance multiple security initiatives and priorities across the organization
  • Own all customer-facing security work: questionnaires, compliance calls, security reviews, and technical due diligence
  • Manage SOC 1 & SOC 2 audits end-to-end and expand compliance framework as customer requirements grow
  • Serve as the definitive security voice for sales calls, customer meetings, and enterprise security discussions
  • Transform our customer assurance process from shared ownership to dedicated, streamlined execution
  • Partner with our engineering team to maintain security excellence while minimizing development friction
  • Review security architecture decisions and provide security guidance that accelerates rather than blocks development
What we offer
What we offer
  • Excellent medical, dental, vision, and life insurance coverage, including a One Medical membership
  • Paid parental leave
  • FSA (Flexible spending account)
  • Retirement planning - Traditional and ROTH 401(k)
  • Flexible time off
  • Employee assistance program (mental health benefits)
  • Culture where personal growth is highly valued
  • Market-benched equity
  • Sales incentive pay (for eligible roles)
  • Fulltime
Read More
Arrow Right

Head of Corporate Security

We're hiring a Head of Corporate Security to join the Atlassian Security Organiz...
Location
Location
United States , San Francisco
Salary
Salary:
209300.00 - 336200.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 10 years experience in Security Leadership roles as a direct manager
  • Experience in planning and driving direction autonomously - both as a hands-on security engineer, and as a manager
  • Maintain an area of core strength in one or more security infrastructure disciplines where you can lead through your expertise
  • Understanding for regulatory requirements and controls such as GDPR, SOX, SOC 2, FedRAMP etc.
  • Experience with security infrastructure, networking, and IT teams and ability to scale a team working across a suite of products
  • Track-record in working effectively with scaled systems and different methods for maintaining a security posture
  • Experience with Third-party Risk Management (TPRM), with an emphasis on vendor security assessments
  • Comfort in the level and speed of learning and ambiguity needed to navigate fast-evolving fields like AI
  • Experience working with both business and Development/Engineering individuals at all levels including the executive level
Job Responsibility
Job Responsibility
  • Collaborate with cross functional teams to define various security controls and translate them for engineering implementation for the Atlassian corporate environment
  • Collaborate with senior technical leadership across Atlassian infrastructure and IT teams to provide technical leadership to maintain compliance and adhere to different regulatory requirements
  • Define policies and controls for endpoints used for development such as laptops and remote development environments
  • Define policies and controls related to financial and HR data
  • Ensure security of corporate system hosting environments
  • Promote automation and drive our corporate teams to use the latest security tools, techniques and methodologies to build secure products by default
  • Identify delivery risks across the company and products and ensure they are managed
  • Escalate delivery risks and issues to make them visible and minimize their impact
  • Define and collaborate on policy, standards, and risk management with the greater Compliance organization
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Head of Security

OpenSea is the gateway to web3’s next chapter—where NFTs, fungible tokens, and e...
Location
Location
United States
Salary
Salary:
270000.00 - 350000.00 USD / Year
opensea.io Logo
OpenSea
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in security, with experience at a crypto company that ships quickly
  • Practical knowledge of blockchain security and crypto-specific attack vectors
  • Deep expertise operating in a cloud-hosted environment (AWS preferred)
  • Experience developing and implementing large-scale security strategies in a software company
  • Expertise in risk management, incident response, and security governance within the crypto space
  • Proven ability to communicate effectively with both technical and executive stakeholders
  • Passion for improving crypto security combined with a methodical approach to solving complex security challenges
  • High ownership mentality
  • AI-forward mindset with hands-on experience adopting and integrating AI tools
Job Responsibility
Job Responsibility
  • Take hands-on ownership of all aspects of security at OpenSea including threat detection/response, infra, application & organizational security
  • Establish robust risk management processes, conducting regular assessments to identify vulnerabilities and implement mitigation strategies
  • Lead incident response and crisis management efforts, ensuring the organization can respond effectively to security threats
  • Foster a security-first culture through awareness programs and by engaging with stakeholders across all functions
  • Oversee security compliance initiatives and align with relevant industry standards while enabling our startup agility
  • Collaborate with executive leadership to ensure security initiatives support OpenSea's business goals
What we offer
What we offer
  • Health Benefits: We cover 100% Dental/Vision/Medical for employees and 90% for dependents
  • Flexible Time Off Policy
  • Parental Leave: 16 Weeks of Paid Parental Bonding & up to 8 additional weeks for the birthing parent
  • Mental Health: We offer access to Spring Health, covering 8 therapy & 8 coaching sessions per year
  • 11 Company Holidays
  • Fidelity 401K Plan
  • Internet/Mobile Reimbursement Plan
  • Reimbursement or Monthly Snack Delivery
  • Company & Team retreats
  • Team Member Co-Working and Gathering Expense
  • Fulltime
Read More
Arrow Right

Head of Cloud Compliance

Atlassian is seeking a dynamic and experienced leader for the position of Head o...
Location
Location
United States , San Francisco
Salary
Salary:
165800.00 - 266400.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 20+ years of experience in risk management, compliance management, cloud compliance, product compliance and relevant domain
  • 10+ years of experience as a people manager
  • Strong knowledge of compliance management frameworks, methodologies, and regulatory requirements
  • Proven ability to lead and inspire teams, drive cultural change, and influence stakeholders at all levels
  • Excellent analytical, problem-solving, and decision-making skills
  • Outstanding communication and presentation skills, with the ability to articulate complex risk concepts clearly and concisely
Job Responsibility
Job Responsibility
  • Develop and implement a comprehensive cloud compliance strategy that addresses both commercial and federal requirements
  • Lead the cloud compliance function, ensuring alignment with organizational goals and regulatory obligations
  • Ensure compliance with relevant federal regulations (e.g., FedRAMP, FISMA) and commercial standards (e.g., ISO 27001, SOC 2)
  • Stay informed about changes in cloud compliance regulations and assess their impact on the organization
  • Develop and maintain robust cloud compliance frameworks and controls to ensure secure and compliant cloud operations
  • Implement automated solutions for continuous monitoring and reporting of cloud compliance status
  • Identify, assess, and mitigate cloud-related compliance risks in collaboration with risk management teams
  • Develop metrics and dashboards to provide insights into cloud compliance status and risk posture
  • Work closely with IT, security, legal, and business units to integrate compliance requirements into cloud strategies and operations
  • Lead cross-functional teams to address complex compliance challenges and ensure cohesive strategies
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Head of Cyber Security Operations Process Strategy and Optimization

The Cyber Security Operations (CSO) organization is seeking a highly motivated a...
Location
Location
Ireland , Dublin
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of professional experience in cybersecurity, technology risk management, or a related field
  • Extensive experience in Cyber Security Operations is highly preferred
  • Proven track record of leading large-scale business process re-engineering, process design, and optimization initiatives with measurable results
  • Demonstrated expertise in developing service maps, process documentation, and workflows using technologies such as Visio, JIRA, and other workflow management tools
  • Strong knowledge of continuous improvement models (e.g., Six Sigma, Lean) and their practical application in a technology or security environment
  • Experience in identifying and implementing automation and AI solutions, with a firm understanding of best practices and their impact on operational efficiency
  • Exceptional ability to identify financial and efficiency opportunities within complex operational processes
  • Proven leadership skills with the ability to influence and partner with senior stakeholders across a global organization
  • Excellent communication, presentation, and negotiation skills, with the ability to articulate complex concepts to both technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Act as a direct transformation partner to CSO operational teams, driving a strategic agenda focused on operational excellence, efficiency, and scalability
  • Lead the identification, design, and execution of high-impact opportunities for process re-engineering
  • Develop, maintain, and govern a comprehensive inventory of all CSO Services, their supporting processes, and their interrelationships
  • Define, monitor, and report on strategic metrics for both operational performance and risk posture
  • Serve as the central hub for identifying, vetting, and prioritizing AI and automation candidates
  • Champion and embed methodologies like Six Sigma to foster a culture of operational excellence
  • Build and maintain strong relationships with senior leaders and operational teams across CSO
  • Appropriately assess risk when business decisions are made
  • Drive compliance with applicable laws, rules, and regulations
  • Lead business process re-engineering and operational excellence efforts
What we offer
What we offer
  • Competitive base salary, annually reviewed
  • Hybrid working model
  • Business casual workplace
  • Additional benefits to support well-being, growth, and work-life balance
  • Fulltime
Read More
Arrow Right

Security Strategy and Risk Management Head of Department

The Security Strategy and Risk Management Head of Department is a senior leaders...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
  • Excellent stakeholder management, communication, and leadership skills
  • Demonstrated experience working across multi-disciplinary teams to achieve common objectives
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Lead enterprise-wide risk assessment, risk issue management, and risk exception management
  • Maintain and enhance risk management frameworks aligned with industry best practices
  • Deliver insightful, data-driven risk reporting to senior leadership
  • Oversee the Information Security compliance and control assurance program
  • Lead coordination of internal and external audits, assessments, and certification processes
  • Lead the Third-Party Risk Management (TPRM) program
  • Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
  • Direct the Information Security Training and Awareness program
  • Partner with the CISO to define and maintain the Information Security strategic roadmap
  • Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
  • Fulltime
Read More
Arrow Right

Head of Engineering - Information Protection

We are seeking an inspiring and strategic Engineering Leader to join our Informa...
Location
Location
India
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of experience in building and scaling engineering teams with a focus on engineering strategy, infrastructure planning, and architecture
  • Demonstrated experience in developing influential relationships and trust with senior leaders across different functions
  • Proven experience hiring and mentoring high-caliber engineers with diverse technical strengths and backgrounds
  • Strong product sense with an understanding of product drivers and of how to drive value across customers
  • Exceptional communication skills, with the ability to translate technical concepts into easy-to-understand language for business partners
  • High-energy self-starter with a passion for data and enjoy working in a fast-paced environment
  • You will have strong empathy and a bias for action
  • A graduate degree in Computer Science or a related technical field
Job Responsibility
Job Responsibility
  • Lead and manage multiple engineering teams within our India based engineering organization, focused on building and scaling Information protection applications, delivering on ambitious multi-quarter roadmaps
  • Define and execute technical and product strategies aligned with Atlassian’s vision for enterprise security, data protection, and compliance
  • Foster an inclusive environment where diverse perspectives are welcomed and innovation is encouraged
  • Collaborate closely with product management, design, and global engineering leaders to deliver high-impact features and seamless customer experiences
  • Drive technical excellence, operational rigor, and continuous improvement across teams
  • Recruit, mentor, and develop top engineering talent
  • build strong succession pipelines and support career growth
  • Champion developer productivity, quality, and operational metrics
  • Partner with local and global leaders to strengthen Atlassian’s brand, talent acquisition, and retention in India
What we offer
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
Read More
Arrow Right
New

Head of Security

Sentry’s users trust us to develop, ship, and operate a secure open-source produ...
Location
Location
United States , San Francisco
Salary
Salary:
260000.00 - 350000.00 USD / Year
sentry.io Logo
Sentry
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of modern security domains with expertise in at least two of: application/product security, infrastructure security, corporate/IT security
  • 10+ years relevant experience, including 5+ years in security-focused roles and prior management experience
  • Strong technical background (CS degree or equivalent software engineering experience)
  • Proven experience building and managing security programs (bug bounty, pen testing, red teaming, secure SDLC, training)
  • Demonstrated success in SaaS security (multi-tenant architecture, cloud controls, customer-facing assurances)
  • Extensive collaboration with IT & Compliance on identity/access management, endpoint posture, and policy
  • Experience working directly with auditors (e.g., SOC 2/Type II, ISO 27001) including evidence collection, remediation planning, and closing findings
  • Self-motivated owner who can both set strategy with leadership and execute through roadmaps, metrics, and teams
Job Responsibility
Job Responsibility
  • Ensure security for our SaaS platform—establish and operate the controls, guardrails, and monitoring required for a modern, high-scale, multi-tenant cloud service
  • Partner deeply with IT & Compliance on identity and access, endpoint/security baselines, vendor risk, policy, and audits
  • drive secure-by-default corporate foundations
  • Collaborate with executive leadership to fine-tune and evolve Sentry’s security strategy, set multi-year roadmaps, and communicate risks, tradeoffs, and outcomes
  • Build application and product security programs with support from the CTO and IT/Compliance orgs, including managing external parties for penetration tests and bug bounty programs
  • Prioritize automation and tooling over manual process
  • measure outcomes and continuously reduce risk and toil
  • Partner with Recruiting to build a world-class security team across AppSec, ProdSec, and GRC capabilities
  • Influence product roadmaps and customer-facing security features (e.g., MFA, session audit tooling, data controls)
  • Explore future security-adjacent product opportunities where Sentry can add value to developers and security teams
What we offer
What we offer
  • Offers Equity
  • incentive compensation
  • equity grants
  • paid time off
  • group health insurance coverage
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy