Apply on Employer Site

Eight Sleep · 1 month ago

Head of Security

United States

Full-time

Remote

Director/Executive

8+ years exp

Eight Sleep is a pioneering company focused on enhancing human potential through optimal sleep. The Head of Security and Compliance will lead the company's security strategy, ensuring the protection of data, systems, and devices while collaborating across various departments to maintain compliance and build customer trust.

Consumer Electronics

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Define and own Eight Sleep’s end-to-end security strategy across cloud, product, corporate, and customer environments

Serve as the primary security advisor to the executive team—translating risk into clear business decisions and helping set the company’s security posture and risk tolerance

Build and scale Eight Sleep’s security program, including roadmap, processes, metrics, and future team structure

Oversee security architecture and practices for software, cloud infrastructure, connected devices (IoT), and data storage

Ensure compliance with security frameworks (e.g., SOC 2, GDPR, HIPAA)

Lead vulnerability management, threat detection, and incident response

Develop protocols for access management, disaster recovery, and crisis response

Partner with engineering and product teams to embed security-by-design into all Eight Sleep products

Guide threat modeling for cloud services, mobile apps, and hardware/firmware components

Implement privacy and security controls that protect customer data and build trust

Conduct penetration tests, risk assessments, and security audits

Lead Eight Sleep’s compliance programs (e.g., SOC 2, GDPR) and partner with legal on privacy obligations

Establish policies, training programs, and awareness initiatives across the organization

Lead third-party risk management and vendor security reviews

Stay ahead of evolving global regulations around data privacy and security

Qualification

Security strategyCybersecurity expertiseCompliance standardsCloud infrastructure securityIoT device securityRisk managementStakeholder managementCommunicationTeam leadershipProblem-solving

Required

8-10+ years of experience in security engineering, with deep expertise in mobile app security, IoT device security, or cloud infrastructure security

Proven expertise in cybersecurity, cloud infrastructure security (AWS), IoT device security, and corporate risk management

Strong knowledge of compliance standards (SOC 2, ISO 27001, HIPAA, GDPR, etc.)

Excellent communication and stakeholder management skills

Ability to balance risk with business agility in a fast-paced startup environment

Preferred

Experience in consumer technology, health tech, or regulated industries is highly desirable

Knowledge of embedded or firmware security, secure boot processes, firmware signing, or hardware supply chain security

Experience with wireless communication protocols (Bluetooth, Wi-Fi) and their security implications

Familiarity with data observability, automated testing frameworks, or security instrumentation for IoT systems

Ability to lead or review low-level security considerations in constrained environments (embedded systems, microcontrollers), even if not your primary specialty

Experience scaling a security function from early-stage foundations to a mature, metrics-driven program

Benefits

Every Eight Sleep employee receives the very product that defines our mission: a Pod of their own.

Equity participation to every full-time team member, recognizing and rewarding your direct contributions to our success.

Periodic equity refreshments based on performance.

Company

Eight Sleep

Eight Sleep is the world’s first sleep fitness company. Our mission is to fuel human potential through optimal sleep.

Founded in 2014

New York, NY, US

51-200 employees

https://eightsleep.com

H1B Sponsorship

Eight Sleep has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (1)

2024 (2)