About Rhino Federated Computing

Rhino Federated Computing Rhino solves one of the biggest challenges in AI: seamlessly connecting siloed data through federated computing. The Rhino Federated Computing Platform (Rhino FCP) serves as the ‘data collaboration tech stack’, extending from providing computing resources to data preparation & discoverability, to model development & monitoring - all in a secure, privacy preserving environment. To do this, Rhino FCP offers flexible architecture (multi-cloud and on-prem hardware), end-to-end data management workflows (multimodal data, schema definition, harmonization, and visualization), privacy enhancing technologies (e.g., differential privacy), and allows for the secure deployment of custom code & 3rd party applications via persistent data pipelines. Rhino is trusted by >60 leading organizations worldwide - including 14 of 20 of Newsweek’s ‘Best Smart Hospitals’ and top 20 global biopharma companies - and is leveraging this foundation for financial services, ecommerce, and beyond.

The company is headquartered in Boston, with an R&D center in Tel Aviv.

About the role

As our Head of Information Security, you’ll be responsible for leading and evolving our information security strategy, policies, and operations. You’ll work cross-functionally to ensure we meet customer expectations, regulatory requirements, and internal standards. You’ll be the primary point of contact for all things security, including audits, security questionnaires, incident response, and internal policy enforcement.

You will be working with customer IT and information security teams to ensure that our platform meets and exceeds the security requirements of their organizations.

As part of this role you will:

• Develop, maintain, and enforce the company’s information security policies, standards, and procedures.
• Lead internal security programs, including risk assessments, security training, external penetration tests, and incident response planning.
• Own and drive security and compliance initiatives (e.g., SOC 2, ISO 27001).
• Serve as the primary contact for customers and partners on security-related inquiries, including due diligence and audits.
• Manage vendor security assessments and third-party risk management.
• Collaborate with engineering and DevOps to ensure secure systems design, infrastructure hardening, and secure SDLC practices.
• Monitor and assess the threat landscape; proactively recommend improvements to our security posture.
• Report regularly on the status of the security program to the executive team.
• Champion a security-first culture across the company.
• Embrace a ‘roll-up-your-sleeves’ approach to any challenge that is presented, whether directly related to information security or not.

About the candidate

• 5+ years of experience in information security, with at least 2 years in a senior or leadership capacity.
• Proven experience implementing or managing security compliance frameworks (e.g., SOC 2, ISO 27001, NIST).
• Deep understanding of security operations, application and cloud security, and risk management.
• Comfortable interfacing with customers, auditors, and non-technical stakeholders.
• Comfortable joining customer meetings during US business hours.
• Ability to operate independently in a fast-paced, startup environment.