Director IT and Cyber Security

Build the systems that expand human capability

At Blackrock Neurotech, we've spent decades making the impossible possible - helping people move, speak, and reconnect with the world when they otherwise could not.

We've seen that restoring function restores more than ability. It restores independence, identity, and agency.

Today, we are building the next generation of human capability: brain-computer interfaces that are designed to be safe, scalable, and trusted in the real world. Our work is not only about reconnecting people to what was lost, but about expanding what is possible - creating a seamless interface between human intent and technology.

This is foundational work in a category-defining field. You will help build the infrastructure for a future where neural interfaces are invisible, reliable, and deeply human-centered.

Working at Blackrock Neurotech means:

• Owning meaningful, high-impact problems at the frontier of science and engineering
• Building alongside experienced, thoughtful peers across disciplines
• Solving technically complex challenges grounded in real human outcomes
• Contributing to a culture that values rigor, clarity, and long-term thinking over noise

The Role

Blackrock Neurotech is seeking a strategic and hands-on Director of IT & Security to lead the evolution of the company's technology infrastructure, cybersecurity posture, and enterprise systems as we scale our BCI operations. This role owns the company's IT strategy and roadmap while ensuring the reliability, security, and compliance of systems that support our growing team, mission-critical neurotechnology R&D, clinical operations, and sensitive intellectual property.

The Director of IT & Security will partner closely with executive leadership to align technology investments with company growth, regulatory requirements, and commercial readiness - including the data privacy, quality system, and security obligations inherent in medical device development. The ideal candidate brings both strategic vision and operational depth: able to modernize infrastructure, build cybersecurity governance, protect proprietary neural research data, and prepare the organization for regulatory scrutiny, investor diligence, and hospital/enterprise customer security assessments.

This role directly manages a small existing IT team (1-3 people) and owns relationships with external vendors and managed service providers.

What You'll Do

Lead IT Strategy and Infrastructure

• Own and execute Blackrock's enterprise IT strategy and technology roadmap
• Design and maintain scalable infrastructure supporting a growing organization and distributed workforce
• Oversee hybrid cloud environments including Azure, Microsoft 365, and enterprise collaboration platforms
• Ensure high availability, reliability, and performance across enterprise systems and networks
• Support secure, reliable connectivity across corporate offices and R&D lab environments

Strengthen Cybersecurity and Risk Governance

• Develop and implement cybersecurity frameworks, policies, and governance practices - including NIST CSF or ISO 27001 alignment
• Lead initiatives that improve the company's security posture, risk visibility, and compliance readiness across regulated and commercial environments
• Oversee identity and access management including SSO, MFA, and role-based access controls
• Build and maintain a Data Loss Prevention (DLP) program to protect proprietary neural research data, device IP, and clinical trial data
• Develop and maintain an incident response plan scoped to a regulated medical device environment, including FDA-reportable breach scenarios
• Own vendor risk management including Business Associate Agreements (BAAs) and third-party security assessments

Drive Regulatory Compliance and Quality System Support

• Ensure IT infrastructure, systems, and processes meet requirements under HIPAA, FDA 21 CFR Part 11, FDA QSR/QMSR (21 CFR Part 820), and SOC 2
• Lead Computer System Validation (CSV) efforts for GxP-relevant systems including quality management, lab, and clinical platforms
• Support ISO 27001 certification planning and execution as the company scales toward commercial operations
• Manage GDPR obligations for data protection
• Support internal audits, regulatory inspections, and investor or customer security assessments
• Serve as the primary IT and security liaison for FDA, customer, and partner diligence activities

Lead Enterprise Systems and Technology Modernization

• Evaluate and implement enterprise platforms that improve operational efficiency and regulatory readiness
• Support integration of ERP, quality management systems (QMS), analytics, and collaboration platforms
• Drive modernization initiatives across infrastructure, cloud platforms, and security tooling

Build and Lead the IT Team

• Directly manage and develop a small IT team (1-3 people), with accountability for hiring, performance, and team growth as the company scales
• Foster a culture of security awareness across the organization through training, policies, and communication
• Manage external technology vendors including MSPs, ISPs, and cloud providers

Partner with Executive Leadership

• Collaborate with the executive team to align IT and security investments with company growth, commercial strategy, and regulatory milestones
• Provide clear, non-technical guidance on cybersecurity posture, compliance status, and technology risk
• Prepare and present IT and security readiness materials for investor diligence, board reporting, and customer security assessments
• Manage IT budgeting, forecasting, and technology investment planning

What You Bring

Minimum Qualifications

• 15+ years of progressive experience in IT infrastructure, enterprise systems, or cybersecurity leadership
• Demonstrated experience developing and executing enterprise IT strategy and roadmaps in scaling organizations
• Strong expertise with Microsoft enterprise environments including Azure, Active Directory, and Microsoft 365
• Experience managing hybrid cloud infrastructure and multi-location environments
• Proven experience building or improving cybersecurity governance, risk management, and compliance frameworks
• Working knowledge of HIPAA security and privacy requirements and their application to IT systems
• Familiarity with FDA 21 CFR Part 11 and QSR/QMSR requirements as they relate to IT and computer systems

Preferred Qualifications

• Experience in medical device, healthcare, life sciences, or other FDA-regulated industries
• Experience with Computer System Validation (CSV) in a GxP environment
• Familiarity with ISO 27001 implementation or certification
• Knowledge of GDPR and its application to sensitive personal or health data
• Experience with ISO 13485 quality management systems as they relate to IT infrastructure
• Familiarity with IEC 62443 or NIST Cybersecurity Framework in operational or lab technology environments
• Experience supporting investor security diligence, M&A readiness, or enterprise customer security assessments
• Experience with ERP systems or quality management system (QMS) platforms
• One or more relevant certifications: CISSP, CISM, CRISC, HCISPP, CIPP/US, CIPP/E, or ISO 27001 Lead Implementer/Auditor
• Microsoft Azure, security, or infrastructure certifications

How We Work

We are a small, experienced team working on consequential problems.

• We take ownership of outcomes and follow through with clarity and accountability
• We prioritize sustained, high-quality work over performative urgency
• We value rigor, sound judgement and thoughtful decision-making
• We collaborate deliberately: low ego, high trust and high context

This is a high-ownership role, but it is not an "always-on" one. We expect strong work and our people to have a life outside of it.