Job Specifications
Company Overview
Rhythm is a global, commercial-stage biopharmaceutical company committed to transforming the lives of patients and their families living with rare neuroendocrine diseases. We develop medicines for previously untreatable or undertreated diseases and provide meaningful support for healthcare providers and patients and their families. We recognize the courage it takes for patients and their caregivers to begin their journey of advocacy to find the answers they need. Their courage inspires us to challenge convention, ask bold questions and seek answers for them. Every day, we strive for excellence through our willingness to adapt, learn, and our tenacity to overcome barriers, together.
Opportunity Overview
Reporting to the Associate Director, Cybersecurity, Rhythm is seeking an experienced and highly motivated Senior Cybersecurity Specialist to join the Information Technology team. This role will be responsible for supporting cybersecurity initiatives in governance and compliance, risk management, vulnerability management, and incident response. As a senior member of our cybersecurity team, you will leverage risk-based assessments and industry-specific threat intelligence to strengthen Rhythm’s security posture and participate in routine incident response activities. You will also play a pivotal role in enhancing security awareness and education across all business units.
Responsibilities And Duties
Identify and escalate cybersecurity risks related to Rhythm’s systems, data, and third-party relationships and drive timely remediation efforts
Execute the vulnerability management program, ensuring vulnerabilities are addressed within defined SLAs
Serve with others as a first responder during security incidents, performing detailed technical analysis and coordinating response activities
Support threat hunting and digital forensics initiatives to uncover threats and assess overall risk exposure
Partner with cross-functional teams on projects impacting confidentiality, integrity, or availability of critical assets
Review and validate security requirements within third-party contracts, including data protection clauses, breach notification obligations, and compliance with relevant regulations
Conduct thorough third-party data security assessments to evaluate controls, risk posture, and alignment with organizational standards
Provide and maintain general cybersecurity training and education for all Rhythm employees
Maintain clear, accurate, and up-to-date documentation for cybersecurity policies, procedures, and standards. Ensure incident response playbooks, vulnerability management workflows, and system hardening guides are well-documented and easily accessible
Monitor adherence to established cybersecurity frameworks and internal policies across all IT operations
Qualifications And Skills
Minimum 5 years of experience in cybersecurity disciplines such as governance and compliance, risk management, vulnerability management, cloud security, and incident response
Hands-on expertise with platforms including Microsoft Defender, CrowdStrike, Azure, and AWS
Strong knowledge and application of the CIS Controls and NIST Cybersecurity Framework.
Familiarity with regulatory and compliance standards (e.g., NIST, GDPR, ISO, SOC 2).
Proven ability to manage the full security incident response lifecycle: detection, analysis, containment, eradication and recovery.
Demonstrated success in project management within collaborative environments
Excellent communication and interpersonal skills (written and verbal)
Relevant certifications (e.g., Security+, GSEC) are a plus
This role requires active participation in security incidents that occur outside normal business hours, including evenings, weekends and holidays.
This role is based out of our corporate office in Boston, Massachusetts. Rhythm operates in a hybrid-work model. Candidates applying must be willing and able to be in the Boston office in coordination with their department and business needs. This role may involve some travel.
The expected salary range for this position is $90,000-$135,000. Actual pay will be determined based on experience, level, qualifications, geographic location, and other job-related factors permitted by law. A discretionary annual bonus may be available based on individual and company performance. This role may be eligible for benefits and other compensation such as restricted stock units.
More About Rhythm
We are a dynamic and growing global team spanning more than a dozen countries. At Rhythm we are dedicated to transforming the lives of patients living with rare neuroendocrine diseases by rapidly advancing care and precision medicines that address the root cause. Our team is passionate about expanding access to reach more patients and developing novel therapies for other rare neuroendocrine diseases, including congenital hyperinsulinism.
At Rhythm our core values are:
We are committed to advancing scientific understandin