Valid8 Financial, Inc.
Senior Director, Cybersecurity & IT Compliance
Valid8 Financial, Inc., Leesburg, Virginia, United States, 22075
Senior Director, Cybersecurity & IT Compliance
Location:
Leesburg, VA
Company:
VB Spine
Looking for a career where your work truly matters? At VB Spine, you’ll be part of a mission‑focused team that supports surgeons during life‑changing spinal procedures. We’re looking for driven individuals ready to learn quickly, adapt under pressure, and grow in a dynamic, fast‑paced environment.
We are seeking a Senior Director of Cybersecurity & IT Compliance who will serve as the global leader responsible for safeguarding VB Spine’s digital assets, ensuring regulatory and audit readiness, and driving a modern, agile cybersecurity and IT governance framework. This role is pivotal in the post‑divestiture transformation — building independent security capabilities, embedding compliance into business and product processes, and partnering with Infrastructure, Applications, Quality, Legal, and R&D to enable secure growth in a regulated MedTech environment.
What You’ll Do: Strategic Leadership & Program Development
Develop and execute a comprehensive cybersecurity and IT compliance strategy aligned with business goals and regulatory obligations in a post divestiture environment
Lead the design and implementation of an enterprise‑wide cybersecurity framework, including risk management, security architecture, and incident response programs.
Establish a governance structure for cybersecurity and IT compliance, ensuring clarity of roles, responsibilities, and accountability.
Drive continuous improvement and innovation in security practices through automation, AI‑enabled threat detection, Zero Trust adoption, and modern compliance tooling.
Manage MSSPs, incident response retainers, and technology partners to deliver lean but resilient global security coverage.
Cybersecurity Operations & Risk Management
Oversee security operations, including threat monitoring, vulnerability management, and penetration testing.
Direct the evaluation, selection, and implementation of security technologies, tools, and platforms.
Conduct regular risk assessments and ensure risk mitigation strategies are documented and implemented.
Lead the response to cybersecurity incidents, including investigation, containment, remediation, and executive communication.
Collaborate with the Infrastructure team on shared accountabilities such as identity management, patching, endpoint hardening, and network security.
IT Compliance & Regulatory Alignment
Ensure compliance with applicable MedTech and healthcare regulations (e.g., FDA 21 CFR Part 11, HIPAA, ISO 27001, SOC 2, GDPR, CCPA).
Partner with Quality, Regulatory Affairs, and Legal to integrate IT compliance requirements into product development, manufacturing systems, and business processes.
Develop policies, procedures, and training programs to maintain compliance and prepare for internal and external audits.
Oversee vendor and third‑party security assessments to ensure alignment with company standards
Post‑Divestiture Transition
Assess inherited IT infrastructure, applications, and security posture; develop and execute remediation and optimization plans.
Build standalone IT security capabilities where previously dependent on the parent company’s resources.
Guide data migration, network segregation, and system reconfiguration while maintaining security and compliance integrity.
Lead and mentor a high‑performing cybersecurity and compliance team.
Build talent pipelines and succession plans for critical security and compliance functions.
Foster a culture of innovation, continuous maturity, and cross‑functional collaboration.
What You Bring:
Bachelor’s in Information Security, Computer Science, or related field required; Master’s preferred.
Professional certifications strongly preferred: CISSP, CISM, CISA, CRISC (or equivalent).
Specialized training in NIST CSF, ISO 27001, CIS Controls, and regulatory frameworks (FDA, HIPAA, GDPR).
12–15 years progressive experience in cybersecurity, compliance, and IT governance, with 5+ years in senior leadership.
Proven success building and maturing cybersecurity programs in regulated industries; MedTech, healthcare, or life sciences strongly preferred.
Experience navigating post‑divestiture or M&A transitions, including TSA exits and stand‑up of independent security capabilities.
Demonstrated expertise in security architecture, SOC/MSSP oversight, incident response, vulnerability management, and compliance program design.
Strong regulatory and audit engagement experience (FDA, ISO, GDPR, HIPAA).
Background in consulting or advisory roles may be considered if demonstrating enterprise‑scale leadership and board‑level communication.
Exceptional leadership, executive presence, and ability to translate technical security risks into business terms.
Ability to work in a fast‑paced environment and manage multiple priorities under tight deadlines.
Strong analytical and problem‑solving skills with high attention to detail.
Ability to sit for extended periods and work at a computer for the majority of the workday.
Clear verbal and written communication skills to engage with technical and non‑technical audiences.
Occasional travel required to company sites, vendor facilities, or industry conferences (up to 20%).
Why VB Spine? We believe in growing talent from within. At VB Spine, join a high‑performing team, benefit from peer and executive mentorship, and shape strategy in the dynamic field of medical sales—positioning yourself to influence growth and innovation across the organization.
Compensation: Pay for this role is competitive and based on experience, with additional factors like territory requirements, qualifications, and performance taken into account. Final compensation is determined on
acase‑by‑case basis
and considers a variety of factors, including experience level, skillset, and market conditions.
Benefits include:
Comprehensive health, dental, and vision insurance
401(k) with company match
Paid time off (PTO) and holidays
Ongoing training and professional development opportunities
Opportunity to grow within a fast‑paced, dynamic company
We are required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.
Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self‑identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.
#J-18808-Ljbffr
Leesburg, VA
Company:
VB Spine
Looking for a career where your work truly matters? At VB Spine, you’ll be part of a mission‑focused team that supports surgeons during life‑changing spinal procedures. We’re looking for driven individuals ready to learn quickly, adapt under pressure, and grow in a dynamic, fast‑paced environment.
We are seeking a Senior Director of Cybersecurity & IT Compliance who will serve as the global leader responsible for safeguarding VB Spine’s digital assets, ensuring regulatory and audit readiness, and driving a modern, agile cybersecurity and IT governance framework. This role is pivotal in the post‑divestiture transformation — building independent security capabilities, embedding compliance into business and product processes, and partnering with Infrastructure, Applications, Quality, Legal, and R&D to enable secure growth in a regulated MedTech environment.
What You’ll Do: Strategic Leadership & Program Development
Develop and execute a comprehensive cybersecurity and IT compliance strategy aligned with business goals and regulatory obligations in a post divestiture environment
Lead the design and implementation of an enterprise‑wide cybersecurity framework, including risk management, security architecture, and incident response programs.
Establish a governance structure for cybersecurity and IT compliance, ensuring clarity of roles, responsibilities, and accountability.
Drive continuous improvement and innovation in security practices through automation, AI‑enabled threat detection, Zero Trust adoption, and modern compliance tooling.
Manage MSSPs, incident response retainers, and technology partners to deliver lean but resilient global security coverage.
Cybersecurity Operations & Risk Management
Oversee security operations, including threat monitoring, vulnerability management, and penetration testing.
Direct the evaluation, selection, and implementation of security technologies, tools, and platforms.
Conduct regular risk assessments and ensure risk mitigation strategies are documented and implemented.
Lead the response to cybersecurity incidents, including investigation, containment, remediation, and executive communication.
Collaborate with the Infrastructure team on shared accountabilities such as identity management, patching, endpoint hardening, and network security.
IT Compliance & Regulatory Alignment
Ensure compliance with applicable MedTech and healthcare regulations (e.g., FDA 21 CFR Part 11, HIPAA, ISO 27001, SOC 2, GDPR, CCPA).
Partner with Quality, Regulatory Affairs, and Legal to integrate IT compliance requirements into product development, manufacturing systems, and business processes.
Develop policies, procedures, and training programs to maintain compliance and prepare for internal and external audits.
Oversee vendor and third‑party security assessments to ensure alignment with company standards
Post‑Divestiture Transition
Assess inherited IT infrastructure, applications, and security posture; develop and execute remediation and optimization plans.
Build standalone IT security capabilities where previously dependent on the parent company’s resources.
Guide data migration, network segregation, and system reconfiguration while maintaining security and compliance integrity.
Lead and mentor a high‑performing cybersecurity and compliance team.
Build talent pipelines and succession plans for critical security and compliance functions.
Foster a culture of innovation, continuous maturity, and cross‑functional collaboration.
What You Bring:
Bachelor’s in Information Security, Computer Science, or related field required; Master’s preferred.
Professional certifications strongly preferred: CISSP, CISM, CISA, CRISC (or equivalent).
Specialized training in NIST CSF, ISO 27001, CIS Controls, and regulatory frameworks (FDA, HIPAA, GDPR).
12–15 years progressive experience in cybersecurity, compliance, and IT governance, with 5+ years in senior leadership.
Proven success building and maturing cybersecurity programs in regulated industries; MedTech, healthcare, or life sciences strongly preferred.
Experience navigating post‑divestiture or M&A transitions, including TSA exits and stand‑up of independent security capabilities.
Demonstrated expertise in security architecture, SOC/MSSP oversight, incident response, vulnerability management, and compliance program design.
Strong regulatory and audit engagement experience (FDA, ISO, GDPR, HIPAA).
Background in consulting or advisory roles may be considered if demonstrating enterprise‑scale leadership and board‑level communication.
Exceptional leadership, executive presence, and ability to translate technical security risks into business terms.
Ability to work in a fast‑paced environment and manage multiple priorities under tight deadlines.
Strong analytical and problem‑solving skills with high attention to detail.
Ability to sit for extended periods and work at a computer for the majority of the workday.
Clear verbal and written communication skills to engage with technical and non‑technical audiences.
Occasional travel required to company sites, vendor facilities, or industry conferences (up to 20%).
Why VB Spine? We believe in growing talent from within. At VB Spine, join a high‑performing team, benefit from peer and executive mentorship, and shape strategy in the dynamic field of medical sales—positioning yourself to influence growth and innovation across the organization.
Compensation: Pay for this role is competitive and based on experience, with additional factors like territory requirements, qualifications, and performance taken into account. Final compensation is determined on
acase‑by‑case basis
and considers a variety of factors, including experience level, skillset, and market conditions.
Benefits include:
Comprehensive health, dental, and vision insurance
401(k) with company match
Paid time off (PTO) and holidays
Ongoing training and professional development opportunities
Opportunity to grow within a fast‑paced, dynamic company
We are required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.
Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self‑identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.
#J-18808-Ljbffr