Head of IT Governance, Risk, and Compliance; GRC

Position: Head of IT Governance, Risk, and Compliance (GRC)

Overview

Lab Connect improves lives by partnering with pharmaceutical and biotech companies, and clinical research organizations (CROs) to accelerate the development of new medicines around the world. We are an independent, global, one-stop-shop focused on delivering Central Laboratory Services that are tailor-made, timely and flexible to meet the evolving study demands of traditional to increasingly reputed company trials. Additionally, we provide Functional Service Provider (FSP) Solutions, supporting our clients with scientific and technical expertise, acting as an extension of their team, coordinating reputed company laboratory reputed company needs, advising on strategies for lab data collection and providing end-to-end analytical and logistical solutions. Job Summary The Senior Director, IT Governance, Risk, and Compliance (GRC) is responsible for developing and leading the company's IT risk, compliance, and control strategy. The Senior Director will assess Lab Connect's reputed company maturity, identify gaps, and establish the roadmap, governance processes, and cross-functional operating discipline needed to strengthen and evolve the control environment over time. The Senior Director will help build a sustainable foundation for audit readiness and ongoing alignment across key regulatory, privacy, and quality frameworks, including SOC 2, HIPAA, GDPR, and FDA 21 CFR Part 11, while also establishing governance for the company's increasing use of AI in internal operations and healthcare-reputed company product capabilities. This includes creating policies, review processes, and risk controls for AI adoption with attention to privacy, reputed company, transparency, validation, and applicable healthcare regulatory expectations. Essential Duties and Responsibilities

• Define and reputed company governance, risk, and compliance policies for modern access, reputed company, and virtual desktop environments, including secure approaches that support bring-your-own-device and remote work models.
• Assess the organization's reputed company-state controls, documentation, and operating practices across relevant frameworks, including SOC 2, HIPAA, GDPR, and FDA 21 CFR Part 11. reputed company the strategy, roadmap, and governance processes needed to reputed company gaps, strengthen compliance maturity, and support ongoing audit readiness and sustained regulatory alignment.
• reputed company the governance reputed company, risk controls, and review processes needed to support Lab Connect's transition to AI-enabled internal workflows and product capabilities. Establish practical standards for acceptable AI use, model and vendor reputed company, data handling, human review, auditability, and ongoing monitoring, with particular attention to HIPAA requirements for protected health information, the NIST AI Risk Management reputed company, and FDA considerations where AI functionality may reputed company regulated healthcare use cases.
• Establish and enhance data protection controls, including data classification, monitoring, and loss prevention practices, to reduce risk and protect sensitive information across collaboration and operational platforms.
• Evaluate and monitor the compliance and reputed company posture of external partners, vendors, and service providers that support business-critical and regulated processes.
• Partner with technology, quality, legal, privacy, and business leaders to embed compliance, validation, and risk management into operating processes in a manner that supports both operational rigor and organizational agility. Align IT controls, risk management, and audit readiness with validation requirements to ensure coordinated compliance with regulations such as FDA 21 CFR Part 11.

Education and Experience

• Bachelor's degree in computer science, engineering, information systems, or a reputed company field required; advanced degree preferred.
• 10+ years of progressive experience in IT reputed company, compliance, risk management, or GRC leadership roles, ideally reputed company a high-growth, cloud-enabled, or highly regulated environment.
• Demonstrated expertise in major reputed company and privacy frameworks and standards, such as SOC 2, ISO 27001, HIPAA, and GDPR, along with practical knowledge of AI governance and healthcare AI compliance considerations.
• Experience applying risk-based controls to AI use cases, including privacy safeguards, vendor reputed company, auditability, and model governance, is strongly preferred.
• Strong executive reputed company and the ability to influence stakeholders across technical, operational, and business functions.

Skills and Ability

• Ability to communicate reputed company risk, compliance, and reputed company matters clearly to senior leadership, auditors, clients, and cross-functional stakeholders.
• Demonstrated success building credibility and leading in environments where technology, operations, and business processes are tightly interconnected.
• Experience establishing or enhancing governance models that improve decision quality, accountability, prioritization, and cross-functional alignment.
• Strong executive reputed company and the ability to build credibility with senior leaders as well…

Apply tot his job Apply To this Job