Sr Director, Cyber Security Operations / Deputy CISO (Hybrid - Acton, MA)

Job Summary

The Sr. Director, Enterprise Cyber Security / Deputy CISO is a key leadership role shaping the future of Insulet’s global security program.

Reporting to the CISO, you’ll guide enterprise‑wide security strategy—from team leadership and budgeting to protocols and incident response—while advancing a modern, comprehensive information security and privacy framework.

This is an exciting opportunity to ensure our cyber, product, patient, and corporate asset security programs are tightly aligned with Insulet’s business goals and growing global footprint.

Position Overview:
The Sr. Director, Enterprise Cyber Security / Deputy CISO oversees enterprise security measures throughout the organization. This senior-level position will participate in strategic oversight of every aspect of security - from staffing and budgets to protocols and incident response. Reporting to the CISO you will continue to develop and deliver a comprehensive information security and privacy program for Insulet Corporation global operations. Additionally, you will be responsible for ensuring the information/cyber security program is aligned with both IT and Corporate risk and business objectives with a focus on product, patient and corporate asset security.

Responsibilities:

• Lead and mature global cybersecurity operations across corporate, product, manufacturing, patient, and clinical environments.

• Serve as Deputy CISO, supporting the CISO in executive, regulatory, audit, customer, and operational engagements.

• Partner with the CISO, CIO, and business leaders to align cybersecurity strategy, investments, and priorities to enterprise risk and business objectives.

• Oversee security monitoring, threat detection, incident response, vulnerability management, threat intelligence, and remediation activities.

• Lead cyber investigations, crisis response, and incident recovery efforts with clear executive communication and recommended actions.

• Manage relationships with managed security service providers and ensure continuous monitoring of enterprise assets, threats, vulnerabilities, and events.

• Partner with Product Security, R&D, Quality, and Regulatory teams to support secure medical device development, threat modeling, risk analysis, testing, and post-market cybersecurity activities.

• Support cybersecurity alignment with applicable frameworks and regulatory expectations, including FDA guidance, NIST CSF, ISO 27001, CIS Controls, and healthcare security standards.

• Lead cybersecurity governance, policies, standards, procedures, and controls that support business growth and operational resilience.

• Drive modernization of security capabilities across cloud, identity, endpoint, network, infrastructure, OT, and manufacturing environments.

• Partner with IT, Legal, Privacy, Compliance, Internal Audit, and business stakeholders to manage cyber risk and remediation.

• Oversee third-party cybersecurity risk related to suppliers, managed service providers, and strategic partners.

• Establish cybersecurity KPIs, KRIs, dashboards, and reporting for executive leadership.

• Manage cybersecurity budgets, forecasts, vendor relationships, and strategic investment planning.

• Lead, mentor, and develop cybersecurity team members while promoting accountability, collaboration, and continuous improvement.

• Identify opportunities to reduce risk, improve efficiency, optimize costs, and increase business value.

Education and Experience:

• Bachelor’s degree in Information Security, Computer Science, Engineering, or related field required; advanced degree preferred.

• 12+ years of progressive cybersecurity, information security, or enterprise technology experience.

• 7+ years of leadership experience managing cybersecurity programs, teams, and strategic initiatives.

• Experience in regulated industries such as healthcare, medical devices, life sciences, or manufacturing preferred.

• Strong knowledge of cybersecurity operations, incident response, vulnerability management, cloud security, identity security, security engineering, and enterprise risk management.

• Experience with frameworks such as NIST CSF, ISO 27001, CIS Controls, and/or HITRUST.

• Strong understanding of healthcare and medical device cybersecurity expectations, including FDA cybersecurity guidance.

• Experience presenting cybersecurity strategy, risk, and program maturity to executive leadership.

• CISSP required; CISM, CRISC, CCSP, GIAC, or similar certifications preferred.

Physical Requirements (if applicable):
• Must be able to lift and transfer monitors and desktop systems (~20 pounds).

NOTE: This position is eligible for hybrid working arrangements (requires on-site work from an Insulet office). #LI-Hybrid

Additional Information:

Compensation & Benefits: For U.S.-based positions only, the annual base salary range for this role is $204,400.00 - $306,550.00 This position may also be eligible for incentive compensation. We offer a comprehensive benefits package, including: • Medical, dental, and vision insurance • 401(k) with company match • Paid time off (PTO) • And additional employee wellness programs Application Details: This job posting will remain open until the position is filled. To apply, please visit the Insulet Careers site and submit your application online. Actual pay depends on skills, experience, and education.