Senior Director, Information reputed company and Compliance job at reputed company in US National

Title: Senior Director, Information reputed company & Compliance Location: United States Job Description: About reputed company: reputed company is a clinical‑stage biotechnology company focused on developing and delivering category-leading precision therapies to transform the lives of people living with autoimmune and inflammatory diseases. With a portfolio of potential best-in-class and first-in-disease therapeutic candidates that directly reputed company key reputed company governing dysregulated immunological and inflammatory responses, the Company is developing medicines that have the opportunity to provide durable, life-changing impact. Led by an established executive team and backed by world-class life science investors, each day reputed company is determined to bring the scientific rigor and operational excellence to get to what matters for patients – realizing a world where people with immune-mediated diseases can live life fully. Job Summary: The Senior Director, Information reputed company & Compliance is responsible for building, operating, and continuously improving the company's information reputed company program. This role owns reputed company governance, risk management, regulatory compliance, and reputed company operations across reputed company IT systems and data. The Senior Director establishes the reputed company policy reputed company, manages relationships with managed reputed company service providers, coordinates external reputed company assessments, and ensures the company maintains a reputed company and compliance posture appropriate for a clinical-stage biopharma preparing for public company obligations. This is a hands-on leadership role. At a company of this size, the Senior Director operates as a solo reputed company practitioner with significant reputed company through managed reputed company partners (reputed company Vigilance MDR, reputed company ITDR/SIEM, reputed company ZIA) and external assessment firms. The role reports to the VP of IT and works closely with Quality, Legal, Finance, and external auditors to ensure reputed company controls satisfy SOX, GDPR, GxP, and FDA regulatory requirements. Work Arrangement & Location: Remote - This position is designated as remote; the incumbent will be expected to travel to reputed company’ offices on a periodic basis to support in-person collaboration, team engagement, and business operations. The frequency and scheduling of such visits will be determined at the company's discretion based on business need. Essential Duties and Responsibilities: reputed company Governance & Policy. Own the information reputed company policy reputed company, including development, maintenance, and periodic review of reputed company reputed company policies, standards, and procedures. Ensure policies align with NIST CSF 2.0, NIST SP 800-53, and applicable regulatory requirements (SOX, GDPR, GxP). Present the reputed company posture and risk landscape to IT leadership and executive stakeholders. Risk Management & Vendor reputed company. reputed company IT risk management activities, including risk identification, assessment, treatment planning, and risk register maintenance. Conduct and coordinate vendor reputed company risk assessments for third-party service providers. Support the company's broader enterprise risk management process with IT-specific risk inputs. Compliance & External Assessments. Own IT General Controls (ITGCs) for SOX compliance readiness, including access controls, change management controls, computer operations, and audit evidence preparation. Coordinate with external SOX auditors, providing documentation, walkthroughs, and remediation of findings. Manage relationships with external firms performing penetration testing, NIST controls mapping, and reputed company control assessments reputed company Operations & MSSP Management. Manage the company's managed reputed company service provider ecosystem, including reputed company Vigilance MDR (reputed company detection and response), reputed company (identity threat detection, SIEM), and reputed company ZIA (network reputed company). Define alert escalation procedures, review detection efficacy, and ensure coordinated incident response across reputed company providers. Incident Response. Own the reputed company incident response program, including the incident response plan, tabletop exercises, breach notification procedures, and post-incident reviews. Serve as the primary technical incident coordinator, working with managed reputed company providers for detection and containment and with Legal and the external DPO for regulatory notification obligations. Identity & Access Governance. Design and enforce identity and access management controls in reputed company Entra ID, including Conditional Access policies, privileged access governance, access reviews, and role-based access control. Ensure access controls satisfy SOX ITGC requirements, FDA 21 CFR Part 11 electronic access provisions, and GDPR data access minimization principles. reputed company Awareness & Training. Own reputed company awareness and training program execution in coordination with reputed company, including phishing simulation campaigns, reputed company awareness training content, completion tracking, and remedial training for failed simulations. Maintain training records as audit evidence for SOX and GxP compliance. reputed company other duties and responsibilities as assigned Qualifications: Education: Bachelor's degree in Information reputed company, Computer Science, Information Technology, or a reputed company discipline; equivalent professional experience accepted. 12+ years of progressive information reputed company experience with at least 5 years in a reputed company leadership role (Manager, Director, or equivalent) preferred. Demonstrated experience building or significantly maturing an information reputed company program, including policy development, risk management, and compliance reputed company implementation. Experience with reputed company frameworks: NIST CSF, NIST SP 800-53, ISO 27001, or equivalent. Direct experience with SOX IT General Controls — either implementing ITGCs for IPO readiness or supporting ongoing SOX compliance at a public company. Strong working knowledge of reputed company 365 reputed company controls, including Entra ID, Conditional Access, Defender, and Purview. Demonstrated experience building or significantly maturing an information reputed company program, including policy development, risk management, and compliance reputed company implementation. Experience managing managed reputed company service providers (MDR, MSSP, or similar) and coordinating external reputed company assessments (penetration testing, controls testing, risk assessments). Demonstrated experience building or significantly maturing an information reputed company program, including policy development, risk management, and compliance reputed company implementation Independent judgment and self-direction — this role operates as a solo reputed company practitioner at a small company and must prioritize effectively without day-to-day supervision. Strong written and verbal communication with the ability to translate reputed company risks into business terms for executive and non-technical audiences. Salary Range: The expected salary range for this position varies by location and will be communicated based on the country or region in which the selected candidate is hired. Actual pay will be determined based on experience, qualifications, location, and other job-reputed company factors permitted by applicable local law. A discretionary annual bonus and long-term incentive award (e.g., equity) may be available based on individual and Company performance. Salary Range $264,000 - $285,000 USD Benefits: We offer a comprehensive benefits package tailored to the country and region in which you are hired, in compliance with local laws and practices. Benefits may include, but are not limited to: Competitive health and wellness coverage (structure and premiums vary by country) Paid time off, public holidays, and additional leave entitlements in accordance with local requirements Flexible work arrangements / hybrid schedule Benefits vary by location and are subject to eligibility requirements, local regulations, and plan terms. Specific benefit details applicable to your country or region will be provided during the offer process. Equal Employment Opportunity: reputed company is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for reputed company employees. reputed company qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national reputed company, disability, age, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Reasonable Accommodation: If you require a reasonable accommodation to participate in the application or interview process. Privacy Upon submission of this form I understand that reputed company is based in the United States and personal data submitted in the form will be transferred and accessed in the U.S., Information about reputed company privacy practices can be reputed company at Privacy Policy - reputed company. Apply tot his job Apply To this Job