Head of Security

Eight Sleep, Inc.

Job Overview

Location

United States

Job Type

Full-time

Full Job Description

📋 Description

• As Head of Security and Compliance at Eight Sleep, you will lead the company’s security strategy across physical, digital, and operational domains, ensuring the confidentiality, integrity, and availability of data, systems, and connected devices while protecting employees and customers in a mission-driven environment focused on transforming sleep into a performance-enhancing experience.
• You will oversee the implementation, operation, and monitoring of information security tools and processes in customer production environments, conduct IT risk assessments, maintain a risk register, and communicate security risks to executive leadership to drive informed business decisions and achieve acceptable risk levels.
• You will define and own Eight Sleep’s end-to-end security strategy across cloud, product, corporate, and customer environments, serve as the primary security advisor to the executive team, and build and scale the security program including roadmap, processes, metrics, and future team structure.
• You will oversee security architecture for software, cloud infrastructure (AWS), IoT devices, and data storage; ensure compliance with SOC 2, GDPR, HIPAA, and other frameworks; lead vulnerability management, threat detection, incident response; and develop protocols for access management, disaster recovery, and crisis response.
• You will partner with engineering and product teams to embed security-by-design into all products, guide threat modeling for cloud services, mobile apps, and hardware/firmware, implement privacy and security controls to protect customer data, and conduct penetration tests, risk assessments, and security audits.
• You will lead compliance programs (SOC 2, GDPR), establish policies and training initiatives, lead third-party risk management and vendor security reviews, and stay ahead of evolving global data privacy and security regulations.
• You will collaborate with exceptional talent in a high-performance culture that values intensity, innovation, and impact, where you’ll take immediate ownership of meaningful work that directly influences product success and company trajectory in a fast-paced, startup environment.
• You will grow professionally by leading the evolution of Eight Sleep’s security function from early-stage foundations to a mature, metrics-driven program, gaining deep expertise in embedded systems, firmware security, wireless protocols, and scalable security operations in consumer health technology.

🎯 Requirements

• 8-10+ years of experience in security engineering with deep expertise in mobile app security, IoT device security, or cloud infrastructure security
• Proven expertise in cybersecurity, cloud infrastructure security (AWS), IoT device security, and corporate risk management
• Strong knowledge of compliance standards including SOC 2, ISO 27001, HIPAA, GDPR, and related frameworks

🏖️ Benefits

• Every employee receives their own Eight Sleep Pod, the company’s flagship sleep fitness product
• Equitable compensation with continuous equity investment and periodic performance-based equity refreshments
• Opportunity to work with exceptional talent in a culture of excellence that values innovation, impact, and high standards

Skills & Technologies

AWS

Onsite

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Eight Sleep, Inc.

Visit Website

About Eight Sleep, Inc.

Eight Sleep designs and sells smart mattresses and sleep accessories that automatically adjust temperature, track biometrics, and integrate with mobile apps. The company targets consumers seeking data-driven sleep optimization through hardware-software combinations including cooling and heating mattress covers and AI-driven coaching insights. Founded in 2014, the company ships products globally and operates on a direct-to-consumer model supported by subscription software services.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.