Corporate Compliance Officer

About The Position

Requirements

• Bachelor's degree in Business Administration, Risk Management, Healthcare Administration, Life Sciences, or related field required; advanced degree (MBA, JD, or Master's in Compliance/Risk Management) preferred
• 8–12+ years of progressive experience in compliance, enterprise risk, ethics, governance, quality/regulatory compliance, privacy, or related fields; biotech/research or healthcare experience strongly preferred.
• Demonstrated experience building and operating compliance program components (policy governance, training, monitoring, hotline/case management, remediation).
• Working knowledge of healthcare privacy requirements (e.g., HIPAA/HITECH.
• Strong stakeholder management skills and ability to influence across functions without direct authority.
• Strong written and verbal communication skills; ability to produce clear executive-ready reporting.
• Proven ability to build foundational frameworks where structures and “risk types” will evolve over time.

Nice To Haves

• Prior experience in a diagnostic laboratory setting a plus.

Responsibilities

• Compliance program leadership (build, run, and enable)
• Lead execution of the compliance program charter, annual plan, and maturity roadmap in partnership with ERM leadership, Legal, and other key stakeholders.
• Provide practical compliance guidance and implementation support to business leaders and teams, coordinating closely with partners to align with applicable laws, regulations, and organizational standards.
• Design, deliver, and maintain core compliance program elements, including: Developing a training and awareness strategy (role-based training, refresh cadence, targeted campaigns, micro-burst training, etc.) Policy communications and employee attestations tied to policy publication Risk-based monitoring and thematic reviews, including follow-up on corrective actions Developing and maintaining compliance dashboards, metrics and reporting mechanisms
• Policy cleanup, rationalization, and enterprise policy governance ownership
• Lead an enterprise-wide policy inventory and cleanup initiative: identify duplicates/conflicts, retire outdated content, close gaps, and assign accountable owners.
• Establish and operate the policy governance framework, including: Policy taxonomy/tiering (policy, standard, procedure, guideline) and document hierarchy Standard templates and minimum content requirements Approval authorities, review cycles, version control, publication standards, and evidence retention Policy exception/waiver process with documented risk acceptance and periodic review
• Partner with Legal, Quality, Privacy, Security, People, and other business functions to ensure policies are clear, usable, and embedded across all corporate operations.
• Hotline ownership, concerns intake/triage, and case management
• Own the compliance hotline and related reporting channels (including hotline vendor management where applicable), ensuring accessibility, confidentiality, and reinforcement of non-retaliation expectations.
• Ensure privacy-related concerns and potential privacy incidents are appropriately categorized, routed, managed with the right stakeholders, and tracked through remediation.
• Run case intake, triage, categorization, severity/risk rating, routing, documentation standards, and service levels.
• Transfer investigations to Legal when appropriate; ensure consistent case handling, appropriate escalation, and clear documentation through closure.
• Produce regular analytics and trend reporting on allegations, substantiation outcomes, themes, and corrective actions.
• Issue management, corrective actions, and remediation governance
• Implement standardized enterprise issue management: intake, root cause, corrective action plans, due dates, evidence requirements, validation, and closure criteria.
• Track remediation commitments from monitoring, hotline cases, audits, and quality findings; escalate aging/high-risk items through defined governance forums.
• Coordinate with Internal Audit and Quality to align findings management and reduce duplicate testing/tracking.
• Compliance risk oversight and ERM integration (risk types will mature over time)
• Execute an initial compliance risk assessment approach aligned with ERM to prioritize program work (policy, training, monitoring) and identify areas requiring additional controls.
• As the Director becomes acclimated, help define a pragmatic compliance risk taxonomy (“risk types”) suitable for a biotech/research environment and support integration into ERM reporting and governance.
• Develop and maintain metrics and dashboards (policy currency, training completion/attestations, hotline trends, remediation aging, monitoring results).
• Governance, audit/inspection readiness, and stakeholder partnership
• Support compliance governance cadence (e.g., Compliance & Ethics Committee and/or Risk Committee reporting) through materials development, reporting, and issue escalation coordination.
• Support external audits/inspections and partner assessments by coordinating evidence readiness and tracking remediation deliverables.
• Partner closely with enterprise stakeholders to ensure compliance expectations are practical, implemented, and sustained.
• Team leadership and capability build
• Contribute to building a high-performing program over time; may provide informal leadership, project leadership, and/or direct people management as the function grows.
• Help evaluate and implement tooling to support policy management, attestations, and case/issue tracking

Benefits

• Paid Time Off (PTO)
• Health, Dental, Vision and Life insurance
• 401k Retirement Savings Plan
• Employee Discounts
• Voluntary benefits