Corporate Compliance Officer

Summary

The Corporate Compliance Officer will support the transition of compliance oversight from the Legal function to Enterprise Risk Management (ERM). This is a hybrid role combining compliance program leadership/support with risk-based oversight. The Director will lead near-term policy cleanup and modernization, help establish a scalable compliance operating model, and own the compliance hotline and case management process. Over time, this position will help define and mature compliance-related processes and integrate them into ERM governance, prioritization, and reporting.

Job Responsibilities

Compliance program leadership (build, run, and enable)
• Lead execution of the compliance program charter, annual plan, and maturity roadmap in partnership with ERM leadership, Legal, and other key stakeholders.
• Provide practical compliance guidance and implementation support to business leaders and teams, coordinating closely with partners to align with applicable laws, regulations, and organizational standards.
• Design, deliver, and maintain core compliance program elements, including:
• Developing a training and awareness strategy (role-based training, refresh cadence, targeted campaigns, micro-burst training, etc.)
• Policy communications and employee attestations tied to policy publication
• Risk-based monitoring and thematic reviews, including follow-up on corrective actions
• Developing and maintaining compliance dashboards, metrics and reporting mechanisms

Policy cleanup, rationalization, and enterprise policy governance ownership
• Lead an enterprise-wide policy inventory and cleanup initiative: identify duplicates/conflicts, retire outdated content, close gaps, and assign accountable owners.
• Establish and operate the policy governance framework, including:
• Policy taxonomy/tiering (policy, standard, procedure, guideline) and document hierarchy
• Standard templates and minimum content requirements
• Approval authorities, review cycles, version control, publication standards, and evidence retention
• Policy exception/waiver process with documented risk acceptance and periodic review
• Partner with Legal, Quality, Privacy, Security, People, and other business functions to ensure policies are clear, usable, and embedded across all corporate operations.

Hotline ownership, concerns intake/triage, and case management
• Own the compliance hotline and related reporting channels (including hotline vendor management where applicable), ensuring accessibility, confidentiality, and reinforcement of non-retaliation expectations.
• Ensure privacy-related concerns and potential privacy incidents are appropriately categorized, routed, managed with the right stakeholders, and tracked through remediation.
• Run case intake, triage, categorization, severity/risk rating, routing, documentation standards, and service levels.
• Transfer investigations to Legal when appropriate; ensure consistent case handling, appropriate escalation, and clear documentation through closure.
• Produce regular analytics and trend reporting on allegations, substantiation outcomes, themes, and corrective actions.

Issue management, corrective actions, and remediation governance
• Implement standardized enterprise issue management: intake, root cause, corrective action plans, due dates, evidence requirements, validation, and closure criteria.
• Track remediation commitments from monitoring, hotline cases, audits, and quality findings; escalate aging/high-risk items through defined governance forums.
• Coordinate with Internal Audit and Quality to align findings management and reduce duplicate testing/tracking.

Compliance risk oversight and ERM integration (risk types will mature over time)
• Execute an initial compliance risk assessment approach aligned with ERM to prioritize program work (policy, training, monitoring) and identify areas requiring additional controls.
• As the Director becomes acclimated, help define a pragmatic compliance risk taxonomy (“risk types”) suitable for a biotech/research environment and support integration into ERM reporting and governance.
• Develop and maintain metrics and dashboards (policy currency, training completion/attestations, hotline trends, remediation aging, monitoring results).

Governance, audit/inspection readiness, and stakeholder partnership
• Support compliance governance cadence (e.g., Compliance & Ethics Committee and/or Risk Committee reporting) through materials development, reporting, and issue escalation coordination.
• Support external audits/inspections and partner assessments by coordinating evidence readiness and tracking remediation deliverables.
• Partner closely with enterprise stakeholders to ensure compliance expectations are practical, implemented, and sustained.

Team leadership and capability build
• Contribute to building a high-performing program over time; may provide informal leadership, project leadership, and/or direct people management as the function grows.
• Help

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!