Valid8 Financial, Inc.
Senior Director, Cybersecurity & IT Compliance
Valid8 Financial, Inc., Leesburg, Virginia, United States, 22075
Overview
Senior Director, Cybersecurity & IT Compliance
Location: Leesburg, VA
Company: VB Spine
Looking for a career where your work truly matters? At VB Spine, you’ll be part of a mission-focused team that supports surgeons during life-changing spinal procedures. We’re seeking a driven individual ready to learn quickly, adapt under pressure, and grow in a dynamic, fast-paced environment. This role is a post-divestiture transformation leader responsible for safeguarding VB Spine’s digital assets, ensuring regulatory and audit readiness, and driving a modern, agile cybersecurity and IT governance framework within a regulated MedTech environment.
What You’ll Do
Strategic Leadership & Program Development
Develop and execute a comprehensive cybersecurity and IT compliance strategy aligned with business goals and regulatory obligations in a post-divestiture environment.
Lead the design and implementation of an enterprise-wide cybersecurity framework, including risk management, security architecture, and incident response programs.
Establish a governance structure for cybersecurity and IT compliance, ensuring clarity of roles, responsibilities, and accountability.
Drive continuous improvement and innovation in security practices through automation, AI-enabled threat detection, Zero Trust adoption, and modern compliance tooling.
Manage MSSPs, incident response retainers, and technology partners to deliver lean but resilient global security coverage.
Cybersecurity Operations & Risk Management
Oversee security operations, including threat monitoring, vulnerability management, and penetration testing.
Direct the evaluation, selection, and implementation of security technologies, tools, and platforms.
Conduct regular risk assessments and ensure risk mitigation strategies are documented and implemented.
Lead the response to cybersecurity incidents, including investigation, containment, remediation, and executive communication.
Collaborate with the Infrastructure team on shared accountabilities such as identity management, patching, endpoint hardening, and network security.
IT Compliance & Regulatory Alignment
Ensure compliance with applicable MedTech and healthcare regulations (e.g., FDA 21 CFR Part 11, HIPAA, ISO 27001, SOC 2, GDPR, CCPA).
Partner with Quality, Regulatory Affairs, and Legal to integrate IT compliance requirements into product development, manufacturing systems, and business processes.
Develop policies, procedures, and training programs to maintain compliance and prepare for internal and external audits.
Oversee vendor and third-party security assessments to ensure alignment with company standards.
Post-Divestiture Transition
Assess inherited IT infrastructure, applications, and security posture; develop and execute remediation and optimization plans.
Build standalone IT security capabilities where previously dependent on the parent company’s resources.
Guide data migration, network segregation, and system reconfiguration while maintaining security and compliance integrity.
Lead and mentor a high-performing cybersecurity and compliance team; build talent pipelines and succession plans; foster a culture of innovation and cross-functional collaboration.
What You Bring
Bachelor’s in Information Security, Computer Science, or related field required; Master’s preferred.
Professional certifications strongly preferred: CISSP, CISM, CISA, CRISC (or equivalent).
Specialized training in NIST CSF, ISO 27001, CIS Controls, and regulatory frameworks (FDA, HIPAA, GDPR).
12–15 years progressive experience in cybersecurity, compliance, and IT governance, with 5+ years in senior leadership.
Proven success building and maturing cybersecurity programs in regulated industries; MedTech, healthcare, or life sciences strongly preferred.
Experience navigating post-divestiture or M&A transitions, including TSA exits and stand-up of independent security capabilities.
Demonstrated expertise in security architecture, SOC/MSSP oversight, incident response, vulnerability management, and compliance program design.
Strong regulatory and audit engagement experience (FDA, ISO, GDPR, HIPAA).
Exceptional leadership, executive presence, and ability to translate technical security risks into business terms.
Ability to work in a fast-paced environment and manage multiple priorities under tight deadlines.
Strong analytical and problem-solving skills with high attention to detail.
Clear verbal and written communication skills to engage with technical and non-technical audiences.
Occasional travel required to company sites, vendor facilities, or industry conferences (up to 20%).
Why VB Spine?
We believe in growing talent from within. At VB Spine, you’ll join a high-performing team, benefit from mentorship, and help shape strategy in the dynamic field of medical technology and growth opportunities across the organization.
Compensation & Benefits
Compensation is competitive and based on experience, with factors such as qualifications and performance considered. Final compensation is determined on a case-by-case basis to reflect experience, skills, and market conditions. Benefits include:
Comprehensive health, dental, and vision insurance
401(k) with company match
PTO and holidays
Ongoing training and professional development opportunities
Opportunity to grow within a fast-paced, dynamic company
Equal Opportunity
VB Spine is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, or any other legally protected status. Applicants may be asked to complete voluntary self-identification information for compliance purposes; such information is confidential and used solely for EEO reporting. We welcome qualified individuals from all backgrounds to apply.