• Serve as the Security Lead and Subject Matter Expert (SME) for all environments, including cloud infrastructure, and on-premises systems. • Continuously assess and evolve the organization’s security posture—driving program maturity through strategic assessments, road mapping, stakeholder alignment, and project execution. • Monitor the external threat landscape to identify emerging attack vectors, vulnerabilities, and adversary tactics—translating threat intelligence into actionable insights that inform security strategy, initiatives and controls. • Ensure security practices and controls align with regulatory requirements, including FDA and HIPAA, and fulfill the requirements and obligations of the HIPAA security officer. • Support commercial functions by responding to customer cybersecurity due diligence questionnaires and security assessments—articulating Outset’s security posture, controls, and compliance practices directly to Customers. • Lead the vendor security risk assessment process—evaluating third-party partners for compliance with Outset’s security standards, identifying potential risks, and ensuring appropriate controls are in place. • Conduct technical evaluations of system architecture with a focus on security design and compliance, leveraging frameworks such as NIST CSF and NIST SP 800-53. • Provide strategic leadership in identifying, assessing, and mitigating information security risks; ensure alignment with internal policies and external standards. • Monitor emerging threats and lead the organization’s response to security incidents, serving as the primary control point and convening the Incident Response Team to investigate, contain, and resolve events. • Develop, maintain, and enforce enterprise cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry frameworks, and organizational risk tolerance. • Influence technology and architecture decisions as a key member of the IT leadership team.