Rhythm is a global, commercial-stage biopharmaceutical company committed to transforming the lives of patients and their families living with rare neuroendocrine diseases. We develop medicines for previously untreatable or undertreated diseases and provide meaningful support for healthcare providers and patients and their families. We recognize the courage it takes for patients and their caregivers to begin their journey of advocacy to find the answers they need. Their courage inspires us to challenge convention, ask bold questions and seek answers for them. Every day, we strive for excellence through our willingness to adapt, learn, and our tenacity to overcome barriers, together.

Reporting to the Associate Director, Cybersecurity, Rhythm is seeking an experienced and highly motivated Senior Cybersecurity Specialist to join the Information Technology team. This role will be responsible for supporting cybersecurity initiatives in governance and compliance, risk management, vulnerability management, and incident response. As a senior member of our cybersecurity team, you will leverage risk-based assessments and industry-specific threat intelligence to strengthen Rhythm's security posture and participate in routine incident response activities. You will also play a pivotal role in enhancing security awareness and education across all business units.

• Identify and elevate cybersecurity risks related to Rhythm's systems, data, and third-party relationships and drive timely remediation efforts.
• Execute the vulnerability management program, ensuring vulnerabilities are addressed within defined SLAs.
• Serve with others as a first responder during security incidents, performing detailed technical analysis and coordinating response activities.
• Support threat hunting and digital forensics initiatives to uncover threats and assess overall risk exposure.
• Partner with cross-functional teams on projects impacting confidentiality, integrity, or availability of critical assets.
• Review and validate security requirements within third-party contracts, including data protection clauses, breach notification obligations, and compliance with relevant regulations.
• Conduct thorough third-party data security assessments to evaluate controls, risk posture, and alignment with organizational standards.
• Provide and maintain general cybersecurity training and education for all Rhythm employees.
• Maintain clear, accurate, and up-to-date documentation for cybersecurity policies, procedures, and standards. Ensure incident response playbooks, vulnerability management workflows, and system hardening guides are well-documented and easily accessible.
• Monitor adherence to established cybersecurity frameworks and internal policies across all IT operations.

• Minimum 5 years of experience in cybersecurity disciplines such as governance and compliance, risk management, vulnerability management, cloud security, and incident response.
• Hands-on expertise with platforms including Microsoft Defender, CrowdStrike, Azure, and AWS.
• Strong knowledge and application of the CIS Controls and NIST Cybersecurity Framework.
• Familiarity with regulatory and compliance standards (eg, NIST, GDPR, ISO, SOC 2).
• Proven ability to manage the full security incident response lifecycle: detection, analysis, containment, eradication, and recovery.
• Demonstrated success in project management within collaborative environments.
• Excellent communication and interpersonal skills (written and verbal).
• Relevant certifications (eg, Security+, GSEC) are a plus.

This role requires active participation in security incidents that occur outside normal business hours, including evenings, weekends, and holidays.

This role is based out of our corporate office in Boston, Massachusetts. Rhythm operates in a hybrid-work model. Candidates applying must be willing and able to be in the Boston office in coordination with their department and business needs. This role may involve some travel.

The expected salary range for this position is $90,000-$135,000. Actual pay will be determined based on experience, level, qualifications, geographic location, and other job-related factors permitted by law. A discretionary annual bonus may be available based on individual and company performance. This role may be eligible for benefits and other compensation such as restricted stock units.

We are a dynamic and growing global team spanning more than a dozen countries. At Rhythm we are dedicated to transforming the lives of patients living with rare neuroendocrine diseases by rapidly advancing care and precision medicines that address the root cause. Our team is passionate about expanding access to reach more patients and developing novel therapies for other rare neuroendocrine diseases, including congenital hyperinsulinism.

• We are committed to advancing scientific understanding to improve patients' lives.
• We are inspired to tackle tough challenges and have the courage to ask bold questions.
• We are eager to learn and adapt.
• We believe collaboration and ownership are foundational for our success.
• We value the unique contribution each individual brings to furthering our mission.

Rhythm is an equal employment opportunity employer and does not discriminate against any applicant because of race, creed, color, age, national origin, ancestry, religion, gender, sexual orientation, disability, genetic information, veteran status, military status, application for military service, or any other class protected by state or federal law.

Headquartered in Boston, Rhythm is proud to have been named one of the Top Places to Work in Massachusetts.