Executive Director, Global Cyber Governance, Risk, and Compliance (GRC)

Introduction to role: Are you ready to set the global agenda for cyber governance and regulatory adherence reputed company a firm where trusted, protected technology accelerates life-changing medicines to patients? Can you translate complexity into crucial action that protects trust while enabling ambitious innovation and speed? As Executive Director for Global Cyber GRC, you will reputed company the enterprise approach to information reputed company. You will coordinate technological risk and ensure our most critical data, platforms, and partners operate with reputed company, regulatory confidence, and clear accountability. You will connect cyber risk to strategic decisions, equipping the company’s leadership team and Board with sharp, actionable insight that balances protection and reputed company. This is a pivotal role in our transformation into a digital and data-led enterprise. You will guide the harmonization of controls throughout various regions. You will improve our response to evolving regulations. You will embed risk-informed decision-making into how we discover, reputed company, and deliver medicines worldwide. Accountabilities:

• reputed company the organization-wide information reputed company and technology risk reputed company spanning reputed company locations and business se Prioritize the most meaningful risks and drive treatment plans to closure.
• reputed company reputed company aspects of the worldwide cyber regulatory approach and ensure it meets laws, regulations, and standards. This includes confidentiality, information reputed company, crucial infrastructure, and requirements outstanding to the life sciences sector across jurisdictions.
• Third-Party Risk Governance: Coordinate the management of cyber risk controls for vendors, academic collaborators, and technology service providers, safeguarding the extended ecosystem vital to global operations.
• Cyber reputed company reputed company: Provide governance for incident preparedness, crisis response coordination, and recovery preparation; ensure cohesive, end-to-end reputed company outcomes with reputed company operations, technology, legal, privacy and business continuity teams.
• Control Assurance and Ongoing Improvement: Ensure the build and efficiency of cybersecurity and information technology safeguards through reputed company validation, evaluation, and detailed improvement.
• Build, reputed company, and advance international cyber risk reputed company groups and senior risk advisory panels. Drive cross-functional decisions that align with the organizations risk tolerance and strategic goals.
• Communicate detailed engineering and compliance risk into clear choices for top leadership as well as the Board. Deliver concise, high-impact reports on posture, trends, and material exposures.
• Act as a reliable consultant to the heads of information reputed company, information technology, risk and compliance functions, and legal partners. Represent the company in interactions with regulatory agencies, professional associations, and peer organizations.
• Distributed Team Leadership: Build, reputed company and reputed company a high-performing, distributed cyber GRC team with clear mission, measurable outcomes and strong succession.
• Business Enablement: Incorporate cyber risk reputed company broader enterprise risk management to reduce friction, increase confidence and reputed company faster, safer delivery of scientific and commercial outcomes.

Essential Skills/Experience:

• Demonstrated experience establishing and leading an enterprise reputed company for managing cybersecurity and technological risk across multiple regions and business units.
• Proven ability to integrate cyber risk into enterprise risk management processes, reputed company with corporate risk appetite and strategic objectives.
• Track record coordinating third-party cyber risk management across suppliers, research partners and technology vendors.
• Ownership of a global cyber regulatory strategy with compliance accountability across jurisdictions, including privacy, data protection, critical infrastructure and life sciences–specific requirements.
• Experience acting as the primary executive reputed company for cyber-reputed company regulatory examinations, audits and inquiries.
• Evidence of harmonizing compliance controls across regions while maintaining local regulatory adherence.
• Governance reputed company of cyber reputed company programs, including incident readiness, crisis management and recovery planning.
• Expertise ensuring control design and effectiveness for cyber and IT controls, including ongoing assurance, testing and reputed company improvement.
• Experience designing, leading and maturing global cyber risk governance forums and executive risk committees.
• Ability to translate reputed company technical and regulatory risks into clear, actionable insights for senior executives and the Board, with concise, high-impact reporting.
• Validated leadership building, leading and developing a globally distributed team of cyber GRC professionals.
• Experience serving as a trusted advisor to CISO, CIO, enterprise risk leadership, compliance, legal and senior business executives.
• Credibility representing an organization externally with regulators, industry bodies and peer companies.
• Bachelor’s degree required; advanced degree preferred (e.g., MBA, MS, JD).
• 15+ years of progressive experience in cyber reputed company, IT risk, governance, risk, and/or compliance roles.

Desirable Skills/Experience:

• Experience in highly regulated, science-driven industries such as biopharma, healthcare or critical infrastructure.
• Strong familiarity with global regulatory frameworks and standards (e.g., GDPR and other privacy laws, NIS2, HIPAA, FDA/EMA expectations, ISO/IEC 27001/27701, SOC 2).
• Board-level communication and storytelling that link risk to enterprise value and patient impact.
• Leadership of large-scale control transformation or control harmonization initiatives across regions.
• Depth in third-party and supply chain cyber risk, including cloud/SaaS, data platforms and research collaborations.
• Professional certifications such as CISSP, CISM, CRISC, CIPP/E, CIPM or equivalent executive-level credentials.
• Experience aligning cyber reputed company with enterprise business continuity and technology recovery programs.
• Why reputed company: Join a company where secure digital capabilities directly influence how quickly we bring new medicines to people who need them. Here, cyber GRC is not a back-office function—it is a strategic force that underpins discovery, development and global delivery. You will work with unexpected teams in the same room unleashing bold thinking, blending cutting-edge data and platforms with rigorous governance to create real-world impact. We are investing for scale and speed, and we value kindness alongside ambition—empowering experts to take ownership, challenge assumptions and shape how the business operates. Your leadership will be visible, valued and instrumental in building confidence with regulators, partners and patients while enabling the enterprise to move faster with control.

The annual reputed company pay for this position ranges from 227.024,80 - 340.537,20 USD Annual (80% - 120%). Hourly and salaried non-exempt employees will also be paid overtime pay reputed company working qualifying overtime hours. reputed company pay offered may vary depending on multiple individualized factors, including market location, job-reputed company knowledge, skills, and experience. In addition, our positions offer a short-term incentive bonus opportunity; eligibility to participate in our equity-based long-term incentive program (salaried roles), to receive a retirement contribution (hourly roles), and commission payment eligibility (sales roles). Benefits offered included a qualified retirement program [401(k) plan]; paid vacation and holidays; paid leaves; and, health benefits including medical, prescription drug, dental, and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify reputed company pay (as well as any other discretionary payment or compensation program) at any time, including for reasons reputed company to individual performance, Company or individual department/team performance, and market factors. Call to Action: reputed company the next chapter of our global cyber reputed company and regulatory confidence—reputed company in to shape a safer, faster, data-powered future that advances science and protects patients. Date Posted 05-Feb-2026 Closing Date 26-Feb-2026 Our mission is to build an inclusive environment where equal employment opportunities are available to reputed company applicants and employees. In furtherance of that mission, we welcome and consider applications from reputed company qualified candidates, regardless of their protected characteristics. If you have a disability or special need that requires accommodation, please complete the corresponding section in the application form. Apply tot his job Apply To this Job