What are the responsibilities and job description for the Senior Director, Cybersecurity & IT Compliance position at VB Spine?
Location: Leesburg, VA
Company: VB Spine
Looking for a career where your work truly matters? At VB Spine, you’ll be part of a mission-focused team that supports surgeons during life-changing spinal procedures. We’re looking for driven individuals ready to learn quickly, adapt under pressure, and grow in a dynamic, fast-paced environment.
We are seeking a Senior Director of Cybersecurity & IT Compliance who will serve as the global leader responsible for safeguarding VB Spine’s digital assets, ensuring regulatory and audit readiness, and driving a modern, agile cybersecurity and IT governance framework. This role is pivotal in the post-divestiture transformation — building independent security capabilities, embedding compliance into business and product processes, and partnering with Infrastructure, Applications, Quality, Legal, and R&D to enable secure growth in a regulated MedTech environment.
What You’ll Do
Strategic Leadership & Program Development
We believe in growing talent from within. At VB Spine, join a high-performing team, benefit from peer and executive mentorship, and shape strategy in the dynamic field of medical sales—positioning yourself to influence growth and innovation across the organization.
Compensation
Pay for this role is competitive and based on experience, with additional factors like territory requirements, qualifications, and performance taken into account. Final compensation is determined on a case-by-case basis and considers a variety of factors, including experience level, skillset, and market conditions.
Benefits Include
Company: VB Spine
Looking for a career where your work truly matters? At VB Spine, you’ll be part of a mission-focused team that supports surgeons during life-changing spinal procedures. We’re looking for driven individuals ready to learn quickly, adapt under pressure, and grow in a dynamic, fast-paced environment.
We are seeking a Senior Director of Cybersecurity & IT Compliance who will serve as the global leader responsible for safeguarding VB Spine’s digital assets, ensuring regulatory and audit readiness, and driving a modern, agile cybersecurity and IT governance framework. This role is pivotal in the post-divestiture transformation — building independent security capabilities, embedding compliance into business and product processes, and partnering with Infrastructure, Applications, Quality, Legal, and R&D to enable secure growth in a regulated MedTech environment.
What You’ll Do
Strategic Leadership & Program Development
- Develop and execute a comprehensive cybersecurity and IT compliance strategy aligned with business goals and regulatory obligations in a post divestiture environment
- Lead the design and implementation of an enterprise-wide cybersecurity framework, including risk management, security architecture, and incident response programs.
- Establish a governance structure for cybersecurity and IT compliance, ensuring clarity of roles, responsibilities, and accountability.
- Drive continuous improvement and innovation in security practices through automation, AI-enabled threat detection, Zero Trust adoption, and modern compliance tooling.
- Manage MSSPs, incident response retainers, and technology partners to deliver lean but resilient global security coverage.
- Oversee security operations, including threat monitoring, vulnerability management, and penetration testing.
- Direct the evaluation, selection, and implementation of security technologies, tools, and platforms.
- Conduct regular risk assessments and ensure risk mitigation strategies are documented and implemented.
- Lead the response to cybersecurity incidents, including investigation, containment, remediation, and executive communication.
- Collaborate with the Infrastructure team on shared accountabilities such as identity management, patching, endpoint hardening, and network security.
- Ensure compliance with applicable MedTech and healthcare regulations (e.g., FDA 21 CFR Part 11, HIPAA, ISO 27001, SOC 2, GDPR, CCPA).
- Partner with Quality, Regulatory Affairs, and Legal to integrate IT compliance requirements into product development, manufacturing systems, and business processes.
- Develop policies, procedures, and training programs to maintain compliance and prepare for internal and external audits.
- Oversee vendor and third-party security assessments to ensure alignment with company standards
- Assess inherited IT infrastructure, applications, and security posture; develop and execute remediation and optimization plans.
- Build standalone IT security capabilities where previously dependent on the parent company’s resources.
- Guide data migration, network segregation, and system reconfiguration while maintaining security and compliance integrity.
- Lead and mentor a high-performing cybersecurity and compliance team.
- Build talent pipelines and succession plans for critical security and compliance functions.
- Foster a culture of innovation, continuous maturity, and cross-functional collaboration.
- Bachelor’s in Information Security, Computer Science, or related field required; Master’s preferred.
- Professional certifications strongly preferred: CISSP, CISM, CISA, CRISC (or equivalent).
- Specialized training in NIST CSF, ISO 27001, CIS Controls, and regulatory frameworks (FDA, HIPAA, GDPR).
- 12–15 years progressive experience in cybersecurity, compliance, and IT governance, with 5 years in senior leadership.
- Proven success building and maturing cybersecurity programs in regulated industries; MedTech, healthcare, or life sciences strongly preferred.
- Experience navigating post-divestiture or M&A transitions, including TSA exits and stand-up of independent security capabilities.
- Demonstrated expertise in security architecture, SOC/MSSP oversight, incident response, vulnerability management, and compliance program design.
- Strong regulatory and audit engagement experience (FDA, ISO, GDPR, HIPAA).
- Background in consulting or advisory roles may be considered if demonstrating enterprise-scale leadership and board-level communication.
- Exceptional leadership, executive presence, and ability to translate technical security risks into business terms.
- Ability to work in a fast-paced environment and manage multiple priorities under tight deadlines.
- Strong analytical and problem-solving skills with high attention to detail.
- Ability to sit for extended periods and work at a computer for the majority of the workday.
- Clear verbal and written communication skills to engage with technical and non-technical audiences.
- Occasional travel required to company sites, vendor facilities, or industry conferences (up to 20%).
We believe in growing talent from within. At VB Spine, join a high-performing team, benefit from peer and executive mentorship, and shape strategy in the dynamic field of medical sales—positioning yourself to influence growth and innovation across the organization.
Compensation
Pay for this role is competitive and based on experience, with additional factors like territory requirements, qualifications, and performance taken into account. Final compensation is determined on a case-by-case basis and considers a variety of factors, including experience level, skillset, and market conditions.
Benefits Include
- Comprehensive health, dental, and vision insurance
- 401(k) with company match
- Paid time off (PTO) and holidays
- Ongoing training and professional development opportunities
- Opportunity to grow within a fast-paced, dynamic company
