Senior Staff, Incident Response Manager jobs in United States

OpenLoop · 8 hours ago

Senior Staff, Incident Response Manager

OpenLoop is a tele-health support solutions company dedicated to streamlining care delivery. They are seeking a Senior Staff Incident Response Manager to lead the organization's Security Incident Response strategy, manage incidents across various teams, and improve incident response processes.

Health Care, IT Infrastructure, Medical, Service Industry, Telehealth

Responsibilities

Provide leadership and strategy over OpenLoop’s incident response program, including but not limited to overseeing detection, containment, eradication, and recovery from breaches
Serve as the central authority and decision-maker during active security incidents, communicating and directing across all teams / stakeholders, such as IT, security operations, engineering, legal, compliance, etc.
Act as the primary liaison with executive stakeholders during major incidents and engage external partners as needed (e.g., forensic firms, cyber insurance, law enforcement)
Create correlation strategies to detect and alert on security events and incidents
Oversee monitoring, triage, and analysis of security alerts to identify potential incidents
Direct threat analysis to determine scope, severity, root cause, and business impact, ensuring accurate classifications and prioritization of incidents based on risk and regulatory impact
Coordinate and direct rapid containment actions to minimize damage and data loss, including leading all recovery efforts to restore systems, validate security controls, and return to normal operations
Oversee eradication of threats, vulnerabilities, and attacker persistence mechanisms
Manage all communication, internal and external, including executive briefings
Define, maintain, and continuously improve incident response policies, playbooks, and procedures, ensuring timely and accurate documentation of incident timelines, actions, and outcomes
Support regulatory notifications and customer communications when required
Lead post-incident reviews, root cause analyses, and lessons-learned sessions
Drive remediation plans and long-term security improvements, supporting the growth of the organization, and evolving policies and procedures as the organization and its teams mature
Track trends, metrics, and key performance indicators to improve incident response maturity
Support hiring, development, and readiness of incident response teams as the function scales
Conduct tabletop exercises, simulations, and readiness testing
Ensure on-call coverage, escalation paths, and incident response readiness
Partner with Information Security Executive Leadership to prepare and deliver executive-level and Board-level incident reports, translating technical findings into business, legal, and reputational risk terms
Ensure incident response processes meet regulatory, contractual, and audit requirements
Maintain evidence handling, chain of custody, and forensic integrity standards
Contribute to enterprise risk management and security governance initiatives
Other duties as assigned

Qualification

Incident Response Management, Cybersecurity Frameworks, Healthcare Security Compliance, Cloud Security Proficiency, Post-Incident Review, Risk Assessment, Leadership Skills, Documentation Skills, Communication Skills

Required

Bachelor's degree in Computer Science, Cybersecurity, Information Security, or Information Technology, or a related field
10+ years of extensive hands-on experience leading end-to-end cybersecurity incident response, including investigation, containment, eradication, and recovery in regulated environments
Strong understanding of healthcare security and privacy requirements (e.g., HIPAA, HITECH), with experience assessing and responding to incidents involving sensitive health data
Understanding of security frameworks and accreditation requirements such as NIST CSF, SOC2, FedRAMP, etc.
Extensive working experience using frameworks such as NIST 800-61, SANS 504-B, or ISO/IEC 27035 to guide the response lifecycle
Demonstrated leadership experience operating autonomously as the sole or primary incident responder, making sound technical and risk-based decisions with minimal oversight
Proven ability to apply lean methodologies in alignment with IS best practices within a fast-moving / startup organization
Hands-on technical proficiency with cloud platforms, SaaS environments, SIEM, EDR, and log analysis tools commonly used in modern healthcare tech stacks
Proven experience communicating incident status, business impact, and regulatory considerations clearly to executive leadership and Board-level stakeholders
Strong documentation, evidence handling, and post-incident review skills, with a focus on compliance, audit readiness, and continuous improvement
Lead and be responsible for the creation and evolution of OLH incident response processes, playbooks, and tooling, at times in environments with limited resources and developing security functions

Benefits

Medical, Dental, and Vision plans
Flexible Spending/Health Savings Accounts
Flexible PTO
401(k) + Company Match
Life Insurance, Pet insurance, and more

Company

OpenLoop

OpenLoop is the nation’s top white-label digital health infrastructure provider, powering virtual care delivery for healthcare organizations, employers, retailers, and consumer brands.

Funding

Current Stage: Growth Stage
Total Funding: $26.62M
Key Investors: Nava Ventures, SpringTide Ventures, Techstars
2023-03-15 · Series A · $15M
2022-03-15 · Series A · $8M
2021-04-14 · Seed · $3M

Leadership Team

Jon Lensing
Co-Founder, CEO
Christian Williams
Co-Founder, President, COO
Company data provided by crunchbase