Director, Incident Response & Threat

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (required).
• 10-12 years of progressive experience in cybersecurity, information security, or IT risk management, including leadership roles.
• Proven experience leading enterprise‑scale incident response and threat management programs.
• Strong knowledge of cyber threat landscapes, attack techniques, and defensive strategies.
• Experience working in regulated environments (e.g., healthcare, life sciences, MedTech, or similarly regulated industries).
• Demonstrated ability to lead cross‑functional teams during high‑pressure incidents.
• Excellent executive communication, judgment, and decision‑making skills.
• English (fluent).

Nice To Haves

• Master’s degree in Cybersecurity, Information Systems, or Business Administration (preferred).
• Experience supporting global organizations with complex technology environments.
• Familiarity with security frameworks such as NIST, ISO 27001, or similar standards.
• Experience integrating threat intelligence into security operations and risk management.
• Prior people leadership experience managing managers or senior individual contributors.
• Experience with cloud, OT, and medical device security considerations.
• CISSP, CISM, GIAC, or equivalent cybersecurity certifications.

Responsibilities

• Lead the global incident response and threat management program, including preparation, detection, response, and recovery activities.
• Direct investigations of cybersecurity incidents, ensuring timely containment, root‑cause analysis, and post‑incident reporting.
• Develop and maintain incident response playbooks, escalation paths, and crisis management procedures.
• Partner with IT, Legal, Privacy, Quality, and Business leaders to manage cyber incidents and regulatory or compliance obligations.
• Oversee threat intelligence capabilities to proactively identify emerging threats and vulnerabilities relevant to the MedTech environment.
• Guide tabletop exercises, simulations, and readiness testing to strengthen organizational response maturity.
• Provide executive‑level reporting and recommendations on cyber risk, incident trends, and remediation priorities.
• Lead, mentor, and develop a high‑performing incident response and threat management team.
• Drive continuous improvement of tools, processes, and technologies supporting security operations and resilience.

Benefits

• Employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
• This position is eligible to participate in the Company’s long-term incentive program.
• Vacation –120 hours per calendar year
• Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
• Holiday pay, including Floating Holidays –13 days per calendar year
• Work, Personal and Family Time - up to 40 hours per calendar year
• Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
• Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
• Caregiver Leave – 80 hours in a 52-week rolling period
• 10 days Volunteer Leave – 32 hours per calendar year
• Military Spouse Time-Off – 80 hours per calendar year