Director, Security

About Enovis

Enovis Corporation (NYSE: ENOV) is an innovation-driven medical technology growth company dedicated to developing clinically differentiated solutions that generate measurably better patient outcomes and transform workflows. Powered by a culture of continuous improvement, global talent and innovation, the Company's extensive range of products, services and integrated technologies fuels active lifestyles in orthopedics and beyond.

For more information about Enovis, please visit

At Enovis we pay attention to the details. We embrace collaboration with our partners and patients, and take pride in the pursuit of scientific excellence - with the goal of transforming medical technology as we know it.

Because that's how we change the lives of patients for the better. And that's how we create better together.

As a key member of the IT Team you will play an integral part in helping Enovis drive the medical technology industry forward through transforming patient care and creating better patient outcomes.

Director of IT Security

Chief Information Officer

Lewisville, Texas

Strategy & Governance

• Develop and execute a cohesive global cybersecurity strategy that directly supports the "One Enovis" IT transformation, corporate vision, and the drive for profitable, capital-efficient growth.
• Develop, own, and continuously mature the enterprise Information Security Program, aligned to NIST CSF, ISO 27001, and healthcare-specific frameworks.
• Define and enforce enterprise security policies, standards, and procedures across all global business units.
• Present security posture, risk metrics, and program updates to executive leadership and external auditors.
• Lead the organization’s cyber risk management program, including risk assessment, risk register maintenance, and risk treatment planning.
• Manage the annual security budget; optimize spend across tools, services, staffing, and managed security providers.

Threat Management & Security Operations

• Oversee the 24x7 Security Operations Center (SOC) ensuring rapid detection and response to threats.
• Lead the Incident Response (IR) program: maintain and exercise IR plans, manage breach investigations, coordinate with legal, PR, and regulators.
• Drive vulnerability management, penetration testing, and programs to proactively identify and remediate exposures across all environments.
• Govern threat intelligence operations to anticipate emerging threats targeting healthcare organizations globally.

Architecture & Identity

• Lead security architecture review for all major infrastructure and application initiatives, ensuring security-by-design.
• Oversee identity and access management (IAM/PAM) strategy, including MFA enforcement, SSO, and privileged access governance.

Compliance & Regulatory

• Lead enterprise cybersecurity risk assessment and regulatory compliance including HIPAA, FDA cybersecurity requirements for medical devices, GDPR, and other global standards.

Security Awareness & Culture

• Design and execute an enterprise-wide security awareness and training program tailored to all staff globally.
• Run simulated phishing and social engineering campaigns; track and report behavior metrics to leadership.
• Act as a security champion and culture carrier, fostering a "security is everyone's responsibility" mindset across the global workforce.

• 7+ years' experience leading global cybersecurity teams and programs, preferably in medical technology, healthcare, or other highly regulated industries.
• Demonstrated success leading cybersecurity aspects of large-scale IT integrations, ERP transitions, systems harmonization, and M&A integrations within complex, multi-business-unit organizations.
• Proven ability to streamline and mature diverse security landscapes into efficient, scalable, enterprise-grade programs while supporting the unique needs of individual business units.
• Demonstrated experience in healthcare or another highly regulated industry.
• Deep hands‑on knowledge of HIPAA Security Rule, HITRUST CSF, NIST CSF, and SOC 2 frameworks.
• Proven track record leading incident response for significant cybersecurity events,…