• Serve as the Security Lead and Subject Matter Expert (SME) for all environments, including cloud infrastructure, and on-premises systems. • Continuously assess and evolve the organization’s security posture—driving program maturity through strategic assessments, road mapping, stakeholder alignment, and project execution. • Monitor the external threat landscape to identify emerging attack vectors, vulnerabilities, and adversary tactics—translating threat intelligence into actionable insights that inform security strategy, initiatives and controls. • Ensure security practices and controls align with regulatory requirements, including FDA and HIPAA, and fulfill the requirements and obligations of the HIPAA security officer. • Support commercial functions by responding to customer cybersecurity due diligence questionnaires and security assessments—articulating Outset’s security posture, controls, and compliance practices directly to Customers. • Lead the vendor security risk assessment process—evaluating third-party partners for compliance with Outset’s security standards, identifying potential risks, and ensuring appropriate controls are in place. • Conduct technical evaluations of system architecture with a focus on security design and compliance, leveraging frameworks such as NIST CSF and NIST SP 800-53. • Provide strategic leadership in identifying, assessing, and mitigating information security risks; ensure alignment with internal policies and external standards. • Monitor emerging threats and lead the organization’s response to security incidents, serving as the primary control point and convening the Incident Response Team to investigate, contain, and resolve events. • Develop, maintain, and enforce enterprise cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry frameworks, and organizational risk tolerance. • Influence technology and architecture decisions as a key member of the IT leadership team.

• Develop and execute a multi-year roadmap for offensive security, including red teaming, penetration testing, bug bounty, and vulnerability research. • Design and lead full-scope red team engagements that simulate Advanced Persistent Threats (APTs) to test detection and response capabilities. • Oversee the end-to-end lifecycle of offensive engagements, from initial scoping and Rules of Engagement (RoE) to final reporting. • Facilitate collaborative "Purple Team" exercises with Detection and Response (TDR) to improve detection logic and incident response playbooks. • Translate complex technical findings into actionable business risk assessments for C-suite executives and Board members. • Recruit, retain, and develop a high-performing team of offensive security engineers, providing technical guidance and career coaching. • Partner with vulnerability management, product, and engineering to ensure that findings from offensive tests are prioritized and remediated effectively. • Oversee the development of custom scripts, payloads, and C2 (Command and Control) frameworks to enhance the team’s stealth and efficiency. • Conduct specialized threat modeling for AI-native applications, focusing on the OWASP Top 10 for LLMs and MITRE ATLAS (Adversarial Threat Landscape for AI Systems). • Design and execute manual and automated Prompt Injection & Jailbreaking to bypass model guardrails, system prompts, and safety filters. • Ensure all offensive activities align with legal, ethical, and regulatory standards (e.g., GDPR, SOC2, PCI-DSS). • Incorporate current Cyber Threat Intelligence (CTI) into attack scenarios to ensure they reflect the latest real-world TTPs (Tactics, Techniques, and Procedures). • Manage relationships and quality control for external security consultancy firms performing third-party penetration tests. • Encourage and lead research into emerging technologies to identify future attack vectors. • Work closely with Product and Engineering teams to bake security into the Software Development Life Cycle (SDLC) through testing and assessments.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Senior Manager of IT and Security at Bird, you will lead and build out world-class cross-disciplinary staff to manage, conceive, and design innovative IT systems. You will manage budgets, personnel, and guide architectural decisions. You will be working in a cross-functional setting across the organization. - Lead high-performing IT team through recruitment, training, mentoring, and leadership. - Develop and execute a comprehensive IT strategy aligned with business objectives. - Provide visionary leadership, fostering innovation and continuous improvement. - Support and manage vendors through security audits required for PCI, SOC2, and/or ISO27001, and SOX. - Collaborate with cross-functional teams to identify business needs and opportunities. - Establish and enforce infosec policies, procedures, and best practices. - Assess, manage, and mitigate security risks; swiftly resolve incidents. - Conduct security audits to ensure compliance with regulations and standards. - Oversee IT infrastructure, ensuring scalability, availability, and performance. - Manage vendor relationships, negotiate tech contracts. - Support team growth and development; promote collaborative and inclusive culture. Qualifications - 7+ years of relevant experience in managing IT related teams. - Excellent understanding of IT systems, Okta, Gsuite, JAMF, and related tools. - A high learning agility and an interest in working in a start-up development environment. Requirements - Project management experience. - Proficiency in designing, implementing, and managing physical security systems, including access control, surveillance, intrusion detection, and alarm systems. - Ability to integrate physical security systems with IT networks, ensuring seamless communication and data sharing. - Understanding of crisis operations, risk management, and crisis communication best practices. - Experience in conducting basic investigations / fact finding. - Experience with the collection and analysis of threat intelligence. Benefits - Plenty of time off to relax and recharge, plus a wellness resource to help you wind down. - A work-from-home stipend. - An employer-paid healthcare package. - Bird ride credits to get you where you need to be! Company Description Bird is a global leader in micromobility, dedicated to shaping the future of urban movement. Our cleaner, affordable, and on-demand mobility solutions are available in over 200 cities worldwide. - We take a collaborative, community-first approach to micromobility. - Bird partners closely with the cities in which it operates, leveraging our experience and safety-first technology. - Our award-winning electric vehicles have empowered more than eighty-seven million rides in cities around the world.

• Provides engineering leadership in support of Copeland’s Global IT Enterprise networks and infrastructure technologies. • Plan, designs, and implements network infrastructure technologies specific to Cloud Networking Infrastructure and Network Security services. • Supports Cloud and infrastructure operations as a Level II/III technical resource and provides technical leadership and mentoring to the operations group. • Researches and evaluates emerging network and communication technology. • Functions as a trusted advisor to the leadership of the various Copeland Business units globally. • Provides leadership and technical guidance as an SME for the Enterprise IT communications. • Works with Security and Cloud Infrastructure groups as an SME for Enterprise IT Communications.