Corporate Compliance Officer

About the position The Corporate Compliance Officer will support the transition of compliance oversight from the Legal function to Enterprise Risk Management (ERM). This is a hybrid role combining compliance program leadership/support with risk-based oversight. The Director will lead near-term policy cleanup and modernization, help establish a scalable compliance operating model, and own the compliance hotline and case management process. Over time, this position will help define and mature compliance-related processes and integrate them into ERM governance, prioritization, and reporting. Responsibilities • Compliance program leadership (build, run, and enable) • Lead execution of the compliance program charter, annual plan, and maturity roadmap in partnership with ERM leadership, Legal, and other key stakeholders. • Provide practical compliance guidance and implementation support to business leaders and teams, coordinating closely with partners to align with applicable laws, regulations, and organizational standards. • Design, deliver, and maintain core compliance program elements, including: Developing a training and awareness strategy (role-based training, refresh cadence, targeted campaigns, micro-burst training, etc.) Policy communications and employee attestations tied to policy publication Risk-based monitoring and thematic reviews, including follow-up on corrective actions Developing and maintaining compliance dashboards, metrics and reporting mechanisms • Policy cleanup, rationalization, and enterprise policy governance ownership • Lead an enterprise-wide policy inventory and cleanup initiative: identify duplicates/conflicts, retire outdated content, close gaps, and assign accountable owners. • Establish and operate the policy governance framework, including: Policy taxonomy/tiering (policy, standard, procedure, guideline) and document hierarchy Standard templates and minimum content requirements Approval authorities, review cycles, version control, publication standards, and evidence retention Policy exception/waiver process with documented risk acceptance and periodic review • Partner with Legal, Quality, Privacy, Security, People, and other business functions to ensure policies are clear, usable, and embedded across all corporate operations. • Hotline ownership, concerns intake/triage, and case management • Own the compliance hotline and related reporting channels (including hotline vendor management where applicable), ensuring accessibility, confidentiality, and reinforcement of non-retaliation expectations. • Ensure privacy-related concerns and potential privacy incidents are appropriately categorized, routed, managed with the right stakeholders, and tracked through remediation. • Run case intake, triage, categorization, severity/risk rating, routing, documentation standards, and service levels. • Transfer investigations to Legal when appropriate; ensure consistent case handling, appropriate escalation, and clear documentation through closure. • Produce regular analytics and trend reporting on allegations, substantiation outcomes, themes, and corrective actions. • Issue management, corrective actions, and remediation governance • Implement standardized enterprise issue management: intake, root cause, corrective action plans, due dates, evidence requirements, validation, and closure criteria. • Track remediation commitments from monitoring, hotline cases, audits, and quality findings; escalate aging/high-risk items through defined governance forums. • Coordinate with Internal Audit and Quality to align findings management and reduce duplicate testing/tracking. • Compliance risk oversight and ERM integration (risk types will mature over time) • Execute an initial compliance risk assessment approach aligned with ERM to prioritize program work (policy, training, monitoring) and identify areas requiring additional controls. • As the Director becomes acclimated, help define a pragmatic compliance risk taxonomy (“risk types”) suitable for a biotech/research environment and support integration into ERM reporting and governance. • Develop and maintain metrics and dashboards (policy currency, training completion/attestations, hotline trends, remediation aging, monitoring results). • Governance, audit/inspection readiness, and stakeholder partnership • Support compliance governance cadence (e.g., Compliance & Ethics Committee and/or Risk Committee reporting) through materials development, reporting, and issue escalation coordination. • Support external audits/inspections and partner assessments by coordinating evidence readiness and tracking remediation deliverables. • Partner closely with enterprise stakeholders to ensure compliance expectations are practical, implemented, and sustained. • Team leadership and capability build • Contribute to building a high-performing program over time; may provide informal leadership, project leadership, and/or direct people management as the function grows. • Help evaluate and implement tooling to support policy management, attestations, and case/issue tracking Requirements • Bachelor's degree in Business Administration, Risk Management, Healthcare Administration, Life Sciences, or related field required; advanced degree (MBA, JD, or Master's in Compliance/Risk Management) preferred • 8–12+ years of progressive experience in compliance, enterprise risk, ethics, governance, quality/regulatory compliance, privacy, or related fields; biotech/research or healthcare experience strongly preferred. • Demonstrated experience building and operating compliance program components (policy governance, training, monitoring, hotline/case management, remediation). • Working knowledge of healthcare privacy requirements (e.g., HIPAA/HITECH. • Strong stakeholder management skills and ability to influence across functions without direct authority. • Strong written and verbal communication skills; ability to produce clear executive-ready reporting. • Proven ability to build foundational frameworks where structures and “risk types” will evolve over time. Nice-to-haves • Prior experience in a diagnostic laboratory setting a plus. Benefits • Paid Time Off (PTO) • Health, Dental, Vision and Life insurance • 401k Retirement Savings Plan • Employee Discounts • Voluntary benefits