Umano Medical is building a candidate bank for a future CISO role to lead the organization’s cybersecurity vision across enterprise IT and medical device products ecosystems. 
The CISO will define and operationalize a risk-based cybersecurity program that protects patients, products, intellectual property, and operations while supporting innovation and regulatory compliance. 

This role is both strategic and hands-on, interfacing with executive leadership, R&D, Quality/Regulatory, IT/OT, and external stakeholders creating a unique playground and offering challenges.

Specifically, this is what your day might look like :

Cybersecurity Strategy & Leadership 

• Define and maintain the enterprise cybersecurity strategy aligned with business objectives 
• Establish governance frameworks, policies, and security standards 
• Advise executive leadership on cyber risk, threat landscape, and investment priorities 
• Build and lead a scalable cybersecurity function (internal + external resources) 

Product & Embedded Security (MedTech Focus) 

• Integrate cybersecurity into product development lifecycle (Secure SDLC) 
• Ensure compliance with:  
  - IEC 81001-5-1 (health software security) 
  - IEC 62443 (industrial / connected systems) 
  - FDA & Health Canada cybersecurity expectations 
• Drive threat modeling, secure architecture, vulnerability management, and post-market surveillance 
• Partner with R&D (software & hardware) to embed security by design 

Risk Management & Compliance 

• Lead enterprise cyber risk management program 
• Define risk appetite, assessment methodologies, and reporting dashboards 
• Support regulatory submissions and audits (FDA, MDR, ISO 13485 context) 
• Oversee third-party and supply chain cybersecurity risk 
   

Security Operations & Incident Response 

• Establish detection, monitoring, and response capabilities 
• Lead incident response planning and crisis management 
• Coordinate vulnerability disclosure processes (PSIRT) 

Ensure business continuity and resilience planning 
 

IT / OT / Connected Systems Security 

• Secure enterprise IT infrastructure (cloud, endpoints, identity, network) 
• Address OT / manufacturing cybersecurity risks 
• Ensure proper segmentation between IT, OT, and clinical environments 
• Oversee identity & access management strategy 
   

Culture, Awareness & Enablement 

• Promote a strong cybersecurity culture across all teams 
• Train product managers and engineering teams on secure design principles 
• Provide actionable guidance without blocking innovation 

Life at Umano Medical  

Enjoy a dynamic work in which fun, trust and teamwork are a priority. Be part of a culture focused on everyone's strengths and talents, all while advancing your career within the organization according to your interests. 

The profile we're looking for

• Bachelor’s or Master’s in Cybersecurity, Software Engineering, Electrical Engineering, or related field 
• 10+ years in cybersecurity, including leadership roles 
• Experience in regulated environments (medical device strongly preferred) 
  Strong knowledge of:  
• Secure development practices 
• Embedded / IoT security 
• Risk frameworks (NIST CSF, ISO 27001) 
• Proven ability to influence senior leadership and cross-functional teams  

Join a committed and enthusiastic team within a growing company. People are truly first and foremost here, and you'll feel it from day one.