Senior Manager, IT Information Security

Compass Pathways is entering a critical phase as we prepare for commercial launch and expansion of our data and technology footprint. We are seeking a hands‑on, execution‑focused Senior Manager, IT Information Security to lead the development, implementation, and day‑to‑day operation of the company’s cybersecurity program. This role is responsible for protecting company systems, data, and users, ensuring compliance with regulatory requirements (including GxP, SOX ITGCs, and data privacy obligations), and strengthening the organization’s security posture as we scale. The role operates with a high degree of ownership while collaborating closely with IT leadership and external partners.

Roles and Responsibilities Include but are not limited to:

• Security Program Leadership & Execution
  • Lead implementation and improvement of the cybersecurity program
  • Develop security policies, standards, and procedures
  • Support transition to a risk‑based security model
  • Oversee monitoring and alerting with SOC partners
  • Manage incident response processes and reporting
  • Coordinate response and reporting of security events
• Vulnerability Management & Security Operations
  • Lead vulnerability management lifecycle
  • Partner with IT teams on remediation
  • Ensure controls across endpoints, cloud, and applications
  • Support identity and access controls
  • Establish and manage cyber security KPI’s and metrics
  • Support SOX ITGC controls and audits
  • Ensure protection of sensitive data
  • Participate in cyber security risk assessments and vendor assessments
• Security Awareness & Training
  • Lead awareness programs and phishing simulations
  • Promote security culture
  • Manage third‑party security vendors
  • Partner with IT, Legal, and Compliance
  • Report on security posture and risks

Candidate Profile:

• Bachelor's degree in IT, Cyber security, or related field
• 8–10 years of IT experience with 4+ years in security
• Hands‑on experience across key security domains
• Experience in regulated environments
• Knowledge of security frameworks (NIST, ISO 27001)
• Experience with SOC or MSP providers

Preferred Qualifications:

• Experience supporting commercialization
• Familiarity with GxP and SOX controls
• Experience securing healthcare or patient data
• Experience with Microsoft 365 security
• Certifications (CISSP, CISM, Security+)
• Execution focus
• Risk‑based mindset
• Strong communication
• Cross‑functional collaboration

Base pay is one part of the Total Package that is provided to compensate and recognise employees for their work and any role at Compass, regardless of the location, is eligible for additional discretionary bonuses and equity. Base salary per annum: $150,000 - $190,000 USD.

Benefits & Compensation: For an overview of our benefits package and compensation information, please visit Working at Compass.

Equal opportunities: Reasonable accommodation: We are committed to building a workplace where everyone's wellbeing matters. If you need reasonable accommodation during the interview process to be at your best, please let our recruiting team know. UK applicants: We are proud of our commitment to diversity and equality (pursuant to the Equality Act 2010). We do not discriminate based upon race, religion or belief, colour, nationality, ethnic or national origin, gender, pregnancy or maternity, marital or civil partner status, sexual orientation, gender reassignment, age or disability. US applicants: Compass Pathways is proud to be an equal opportunity employer. All employment decisions are based on business needs, job requirements, and individual qualifications, without regard to race, religion, color, national origin, sex, ethnicity, age, disability, sexual orientation, gender identity, gender expression, military service, genetic information, familial or marital status, or any other status, category, or characteristic protected by applicable law.

Sponsorship: Unfortunately, we cannot sponsor employment visas and can only accept applications if you have employment rights in the country to which you are applying.

Data Privacy: All data is confidential and protected by all legal and data privacy requirements, please see our recruitment Privacy Notice to learn more about how we process personal data.