Director IT and Cybersecurity

Build the systems that expand human capabilityAt Blackrock Neurotech, we’ve spent decades making the impossible possible – helping people move, speak, and reconnect with the world when they otherwise could not.We’ve seen that restoring function restores more than ability. It restores independence, identity, and agency.Today, we are building the next generation of human capability: brain-computer interfaces that are designed to be safe, scalable, and trusted in the real world. Our work is not only about reconnecting people to what was lost, but about expanding what is possible – creating a seamless interface between human intent and technology.This is foundational work in a category-defining field. You will help build the infrastructure for a future where neural interfaces are invisible, reliable, and deeply human-centered.Working at Blackrock Neurotech means:Owning meaningful, high-impact problems at the frontier of science and engineeringBuilding alongside experienced, thoughtful peers across disciplinesSolving technically complex challenges grounded in real human outcomesContributing to a culture that values rigor, clarity, and long‑term thinking over noiseThe RoleBlackrock Neurotech is seeking a strategic and hands‑on Director of IT & Cybersecurity to lead the evolution of the company's technology infrastructure, cybersecurity posture, and enterprise systems as we scale our BCI operations. This role owns the company's IT strategy and roadmap while ensuring the reliability, security, and compliance of systems that support our growing team, mission‑critical neurotechnology R&D, clinical operations, and sensitive intellectual property.The Director of IT & Cybersecurity will partner closely with executive leadership to align technology investments with company growth, regulatory requirements, and commercial readiness — including the data privacy, quality system, and security obligations inherent in medical device development. The ideal candidate brings both strategic vision and operational depth: able to modernize infrastructure, build cybersecurity governance, protect proprietary neural research data, and prepare the organization for regulatory scrutiny, investor diligence, and hospital/enterprise customer security assessments.This role directly manages a small existing IT team (1–3 people) and owns relationships with external vendors and managed service providers.What You DoLead IT Strategy and InfrastructureOwn and execute Blackrock's enterprise IT strategy and technology roadmapDesign and maintain scalable infrastructure supporting a growing organization and distributed workforceOversee hybrid cloud environments including Azure, Microsoft 365, and enterprise collaboration platformsEnsure high availability, reliability, and performance across enterprise systems and networksSupport secure, reliable connectivity across corporate offices and R&D lab environmentsStrengthen Cybersecurity and Risk GovernanceDevelop and implement cybersecurity frameworks, policies, and governance practices — including NIST CSF or ISO 27001 alignmentLead initiatives that improve the company's security posture, risk visibility, and compliance readiness across regulated and commercial environmentsOversee identity and access management including SSO, MFA, and role‑based access controlsBuild and maintain a Data Loss Prevention (DLP) program to protect proprietary neural research data, device IP, and clinical trial dataDevelop and maintain an incident response plan scoped to a regulated medical device environment, including FDA‑reportable breach scenariosOwn vendor risk management including Business Associate Agreements (BAAs) and third‑party security assessmentsDrive Regulatory Compliance and Quality System SupportEnsure IT infrastructure, systems, and processes meet requirements under HIPAA, FDA 21 CFR Part 11, FDA QSR/QMSR (21 CFR Part 820), and SOC 2Lead Computer System Validation (CSV) efforts for GxP‑relevant systems including quality management, lab, and clinical platformsSupport ISO 27001 certification planning and execution as the company scales toward commercial operationsManage GDPR obligations for data protectionSupport internal audits, regulatory inspections, and investor or customer security assessmentsServe as the primary IT and security liaison for FDA, customer, and partner diligence activitiesLead Enterprise Systems and Technology ModernizationEvaluate and implement enterprise platforms that improve operational efficiency and regulatory readinessSupport integration of ERP, quality management systems (QMS), analytics, and collaboration platformsDrive modernization initiatives across infrastructure, cloud platforms, and security toolingBuild and Lead the IT TeamDirectly manage and develop a small IT team (1–3 people), with accountability for hiring, performance, and team growth as the company scalesFoster a culture of security awareness across the organization through training, policies, and communicationManage external technology vendors including MSPs, ISPs, and cloud providersPartner with Executive LeadershipCollaborate with the executive team to align IT and security investments with company growth, commercial strategy, and regulatory milestonesProvide clear, non-technical guidance on cybersecurity posture, compliance status, and technology riskPrepare and present IT and security readiness materials for investor diligence, board reporting, and customer security assessmentsManage IT budgeting, forecasting, and technology investment planningWhat You BringMinimum Qualifications15+ years of progressive experience in IT infrastructure, enterprise systems, or cybersecurity leadershipDemonstrated experience developing and executing enterprise IT strategy and roadmaps in scaling organizationsStrong expertise with Microsoft enterprise environments including Azure, Active Directory, and Microsoft 365Experience managing hybrid cloud infrastructure and multi‑location environmentsProven experience building or improving cybersecurity governance, risk management, and compliance frameworksWorking knowledge of HIPAA security and privacy requirements and their application to IT systemsFamiliarity with FDA 21 CFR Part 11 and QSR/QMSR requirements as they relate to IT and computer systemsPreferred QualificationsExperience in medical device, healthcare, life sciences, or other FDA‑regulated industriesExperience with Computer System Validation (CSV) in a GxP environmentFamiliarity with ISO 27001 implementation or certificationKnowledge of GDPR and its application to sensitive personal or health dataExperience with ISO 13485 quality management systems as they relate to IT infrastructureFamiliarity with IEC 62443 or NIST Cybersecurity Framework in operational or lab technology environmentsExperience supporting investor security diligence, M&A readiness, or enterprise customer security assessmentsExperience with ERP systems or quality management system (QMS) platformsOne or more relevant certifications: CISSP, CISM, CRISC, HCISPP, CIPP/US, CIPP/E, or ISO 27001 Lead Implementer/AuditorMicrosoft Azure, security, or infrastructure certificationsHow We WorkWe are a small, experienced team working on consequential problems.We take ownership of outcomes and follow through with clarity and accountabilityWe prioritize sustained, high‑quality work over performative urgencyWe value rigor, sound judgement and thoughtful decision‑makingWe collaborate deliberately: low ego, high trust and high contextThis is a high-ownership role, but it is not an “always‑on” one. We expect strong work and our people to have a life outside of it. #J-18808-Ljbffr