The Role
Blackrock Neurotech is seeking a strategic and hands-on Director of IT & Cybersecurity to lead the evolution of the company's technology infrastructure, cybersecurity posture, and enterprise systems as we scale our BCI operations. This role owns the company's IT strategy and roadmap while ensuring the reliability, security, and compliance of systems that support our growing team, mission-critical neurotechnology R&D, clinical operations, and sensitive intellectual property.
The Director of IT & Cybersecurity will partner closely with executive leadership to align technology investments with company growth, regulatory requirements, and commercial readiness — including the data privacy, quality system, and security obligations inherent in medical device development. The ideal candidate brings both strategic vision and operational depth: able to modernize infrastructure, build cybersecurity governance, protect proprietary neural research data, and prepare the organization for regulatory scrutiny, investor diligence, and hospital/enterprise customer security assessments.
This role directly manages a small existing IT team (1–3 people) and owns relationships with external vendors and managed service providers.
What You'll Do
Lead IT Strategy and Infrastructure
- Own and execute Blackrock's enterprise IT strategy and technology roadmap
- Design and maintain scalable infrastructure supporting a growing organization and distributed workforce
- Oversee hybrid cloud environments including Azure, Microsoft 365, and enterprise collaboration platforms
- Ensure high availability, reliability, and performance across enterprise systems and networks
- Support secure, reliable connectivity across corporate offices and R&D lab environments
Strengthen Cybersecurity and Risk Governance
- Develop and implement cybersecurity frameworks, policies, and governance practices — including NIST CSF or ISO 27001 alignment
- Lead initiatives that improve the company's security posture, risk visibility, and compliance readiness across regulated and commercial environments
- Oversee identity and access management including SSO, MFA, and role-based access controls
- Build and maintain a Data Loss Prevention (DLP) program to protect proprietary neural research data, device IP, and clinical trial data
- Develop and maintain an incident response plan scoped to a regulated medical device environment, including FDA-reportable breach scenarios
- Own vendor risk management including Business Associate Agreements (BAAs) and third-party security assessments
Drive Regulatory Compliance and Quality System Support
- Ensure IT infrastructure, systems, and processes meet requirements under HIPAA, FDA 21 CFR Part 11, FDA QSR/QMSR (21 CFR Part 820), and SOC 2
- Lead Computer System Validation (CSV) efforts for GxP-relevant systems including quality management, lab, and clinical platforms
- Support ISO 27001 certification planning and execution as the company scales toward commercial operations
- Manage GDPR obligations for data protection
- Support internal audits, regulatory inspections, and investor or customer security assessments
- Serve as the primary IT and security liaison for FDA, customer, and partner diligence activities
Lead Enterprise Systems and Technology Modernization
- Evaluate and implement enterprise platforms that improve operational efficiency and regulatory readiness
- Support integration of ERP, quality management systems (QMS), analytics, and collaboration platforms
- Drive modernization initiatives across infrastructure, cloud platforms, and security tooling