Senior Director, Reliability and Security Engineering

What you will be doing

Beacon Biosignals is seeking a Senior Director, Reliability and Security Engineering to lead and grow the teams responsible for keeping Beacon's infrastructure reliable, secure, and productive. In this role, you'll manage our existing Site Reliability Engineering and IT functions, and build out our security engineering practice by bringing on and leading our first security-focused engineer. This role reports directly to Beacon's VP of Platform.

You'll inherit a functioning SRE team of four engineers and an IT Specialist, with a security-focused engineer already approved and joining soon. The immediate opportunity in security is to establish the practice, including strategy, tooling, and compliance posture, while your SRE and IT teams continue maturing. Beacon holds SOC 2 certification and is underway with our first ISO 27001 audit, with HITRUST r2 certification targeted for H1 2027.

This is a leadership role for someone who thinks like an engineer first. We want someone who sees reliability, security, and IT as software engineering problems: infrastructure-as-code over manual runbooks, automated compliance over audit scrambles, and self-service tooling that makes the secure path the easy path.

You'll own the strategy and execution across SRE, security, and IT, setting the direction for how Beacon protects its systems, supports its people, and scales its infrastructure as the company grows. Your teams will support everything from Kubernetes clusters running large-scale ML workloads to endpoint management and access controls for a globally distributed workforce.

At Beacon, we've found that cultural and scientific impact is driven most by those that lead by example. As such, we're always seeking new contributors whose work demonstrates an avid curiosity, a bias towards simplicity, an eye for composability, a self-service mindset, and - most of all - a deep empathy towards colleagues, stakeholders, users, and patients.

This position is based in the Boston area to support close partnership with our Boston-based team.

What success looks like

• Manage and grow the SRE and IT teams while building out our security-focused capabilities across both.
• Set a unified technical vision across reliability, security, and IT that treats all three as interconnected engineering disciplines.
• Improve Beacon's security posture through automation, infrastructure hardening, and policy-as-code.
• Ensure the reliability and availability of Beacon's cloud infrastructure, including the Kubernetes clusters that power our data scientists' distributed numerical workloads.
• Own and evolve Beacon's incident response practices, including on-call structure, escalation paths, and post-incident learning.
• Build self-service IT tooling and workflows that reduce friction for employees while maintaining strong access controls and compliance.
• Own Beacon's compliance roadmap, building on our existing SOC 2 certification and ISO 27001 audit in progress, toward HITRUST r2 certification in H1 2027.
• Collaborate with engineering teams to embed reliability and security into the development lifecycle.
• Develop and mentor your direct reports, helping them grow their impact and navigate challenges along the way.
• Maintain outcome-oriented roadmaps for each team that connect to Beacon's broader strategic objectives, and communicate progress and priorities effectively to stakeholders.

What you will bring

• Approximate experience: 10+ years in SRE, DevOps, infrastructure, or security engineering roles, with 5+ years managing engineering teams including at least some experience at a director or equivalent level. Experience at a startup or growth-stage company is strongly preferred.
• You've managed multiple engineering teams simultaneously and have experience growing a team or function from the ground up.
• You're a strategic leader first, with enough technical depth to set a high bar, earn your team's respect, and engage meaningfully on architectural decisions. You understand the engineering principles underlying your teams' work — how infrastructure-as-code, incident response, and security automation fit together.
• You approach security with an engineering mindset: you've implemented security controls as code, automated compliance workflows, or built tooling that made secure practices the path of least resistance.
• You have meaningful experience with IT operations in a hybrid/remote environment, and you understand how to balance user productivity with security and compliance requirements.
• You've worked in or adjacent to a regulated industry (biopharma, healthcare, fintech, etc.) and have hands-on experience with compliance frameworks. You understand how to maintain development velocity within those constraints.
• You have strong incident management experience. You've led incident response in production environments and built the monitoring, alerting, and post-mortem practices that reduce recurrence.
• Information-gathering is ingrained in every aspect of your work. Your decisions incorporate feedback from stakeholders, your reports, and historical context that you intentionally mine over time.
• You demonstrate a bias towards simplicity, avoid misallocating complexity, and impose structure at the right time, not too early or too late.
• You communicate clearly and follow through on decisions. You swiftly communicate changes with collaborators and stakeholders.