Posted Jul 13, 2026

Corporate Compliance Officer

Apply for this Role →
Summary The Corporate Compliance Officer will support the transition of compliance oversight from the Legal function to Enterprise Risk Management (ERM). This is a hybrid role combining compliance program leadership/support with risk-based oversight. The Director will lead near-term policy cleanup and modernization, help establish a scalable compliance operating model, and own the compliance hotline and case management process. Over time, this position will help define and mature compliance-related processes and integrate them into ERM governance, prioritization, and reporting. Job Responsibilities Compliance program leadership (build, run, and enable) • Lead execution of the compliance program charter, annual plan, and maturity roadmap in partnership with ERM leadership, Legal, and other key stakeholders. • Provide practical compliance guidance and implementation support to business leaders and teams, coordinating closely with partners to align with applicable laws, regulations, and organizational standards. • Design, deliver, and maintain core compliance program elements, including: • Developing a training and awareness strategy (role-based training, refresh cadence, targeted campaigns, micro-burst training, etc.) • Policy communications and employee attestations tied to policy publication • Risk-based monitoring and thematic reviews, including follow-up on corrective actions • Developing and maintaining compliance dashboards, metrics and reporting mechanisms Policy cleanup, rationalization, and enterprise policy governance ownership • Lead an enterprise-wide policy inventory and cleanup initiative: identify duplicates/conflicts, retire outdated content, close gaps, and assign accountable owners. • Establish and operate the policy governance framework, including: • Policy taxonomy/tiering (policy, standard, procedure, guideline) and document hierarchy • Standard templates and minimum content requirements • Approval authorities, review cycles, version control, publication standards, and evidence retention • Policy exception/waiver process with documented risk acceptance and periodic review • Partner with Legal, Quality, Privacy, Security, People, and other business functions to ensure policies are clear, usable, and embedded across all corporate operations. Hotline ownership, concerns intake/triage, and case management • Own the compliance hotline and related reporting channels (including hotline vendor management where applicable), ensuring accessibility, confidentiality, and reinforcement of non-retaliation expectations. • Ensure privacy-related concerns and potential privacy incidents are appropriately categorized, routed, managed with the right stakeholders, and tracked through remediation. • Run case intake, triage, categorization, severity/risk rating, routing, documentation standards, and service levels. • Transfer investigations to Legal when appropriate; ensure consistent case handling, appropriate escalation, and clear documentation through closure. • Produce regular analytics and trend reporting on allegations, substantiation outcomes, themes, and corrective actions. Issue management, corrective actions, and remediation governance • Implement standardized enterprise issue management: intake, root cause, corrective action plans, due dates, evidence requirements, validation, and closure criteria. • Track remediation commitments from monitoring, hotline cases, audits, and quality findings; escalate aging/high-risk items through defined governance forums. • Coordinate with Internal Audit and Quality to align findings management and reduce duplicate testing/tracking. Compliance risk oversight and ERM integration (risk types will mature over time) • Execute an initial compliance risk assessment approach aligned with ERM to prioritize program work (policy, training, monitoring) and identify areas requiring additional controls. • As the Director becomes acclimated, help define a pragmatic compliance risk taxonomy (“risk types”) suitable for a biotech/research environment and support integration into ERM reporting and governance. • Develop and maintain metrics and dashboards (policy currency, training completion/attestations, hotline trends, remediation aging, monitoring results). Governance, audit/inspection readiness, and stakeholder partnership • Support compliance governance cadence (e.g., Compliance & Ethics Committee and/or Risk Committee reporting) through materials development, reporting, and issue escalation coordination. • Support external audits/inspections and partner assessments by coordinating evidence readiness and tracking remediation deliverables. • Partner closely with enterprise stakeholders to ensure compliance expectations are practical, implemented, and sustained. Team leadership and capability build • Contribute to building a high-performing program over time; may provide informal leadership, project leadership, and/or direct people management as the function grows. • Help