EU Cyber and Digital Regulations Associate Director at MSD
Praha, Praha, Czech
Full Time


Start Date

Immediate

Expiry Date

05 Jun, 25

Salary

0.0

Posted On

06 Mar, 25

Experience

8 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Manufacturing, Collaboration, Interpersonal Skills, Strategic Thinking, Workshops, Risk, Compliance Management, CISA, Finance, Research, Organizational Structure, IT, Corrective Actions

Industry

Financial Services

Description

Job Description
Our Information Technology division partners with colleagues from across the business to help serve our patients and customers around the world. We are a high-energy team of dynamic, innovative individuals dedicated to leveraging information and technology to efficiently drive revenue and productivity, thereby advancing our contribution to global medical innovation.

JOB DESCRIPTION

The EU Cyber and Digital Regulations Associate Director plays a key role within the IT Risk & Compliance Programs function. This role oversees compliance activities under the EU Cyber and Digital Regulations program relating to key EU regulations (e.g. NIS2 regulations, the Cyber Resilience Act, etc.). This role will require tracking changes in regulations, ensuring compliance with relevant laws, and cooperating with M&A processes to align entities with regulations. The Associate Director, EU Cyber and Digital Regulations will maintain and review lists of registered entities, oversee critical supply chain compliance, work with procurement to monitor key suppliers, and coordinate with the awareness team to provide security training and tabletop exercises.

DESIRED EDUCATION LEVEL:

  • Bachelor’s degree required

REQUIRED EXPERIENCE AND SKILLS:

  • 8+ years of relevant experience including extensive knowledge of NIS2 regulations, the Cyber Resilience Act, and other EU regulations.
  • Certified in relevant governance, risk, and compliance certifications, such as CISA, CRISC, or similar.
  • Experience in governance, risk, and compliance management.
  • Strong understanding and experience with procurement and supply chain compliance.
  • Experience in internal and external audit processes.
  • Effective project management and organizational skills, and ability to plan and manage multiple projects and tasks simultaneously.
  • Excellent interpersonal skills, including the ability to work closely with people at all levels of the organization and facilitate the implementation of corrective actions.
  • Demonstrated success within a matrix organization where strong leadership, influence, and collaboration are essential to enlist support and commitment from peers.
  • Ability to balance strategic thinking with effective, timely execution and delivery.
  • Confidence to challenge the status quo and raise questions, risks, and issues.
  • High standard of ethics, discipline, and professionalism.
  • Proficient in managing virtual engagements and workshops with international stakeholders.

PREFERRED EXPERIENCE AND SKILLS:

  • Experience operating in a highly regulated environment such as health care or finance.
  • Broad understanding of end-to-end company operations and organizational structure, including research and development, manufacturing, commercial operations, financial processes, and IT.


Responsibilities
  • Track changes in EU regulations and ensure our company’s compliance with relevant EU laws.
  • Cooperate and align processes with M&A to onboard/offboard entities in compliance with regulations.
  • Maintain and review lists of registered entities.
  • Serve as the global point of contact for NIS2 matters, including oversight of the incident reporting processes and self-assessment process for NIS2 compliance.
  • Review and update NIS2-related procedures and standard operating procedures regularly.
  • Maintain and review the list of NIS2 incidents, both confirmed and potential.
  • Perform internal audits for NIS2 compliance and oversee the remediation of audit findings.
  • Oversee compliance status of the critical supply chain at the local level.
  • Cooperate with Procurement to oversee compliance of new critical suppliers.
  • Monitor security and supplier assessment statuses.
  • Collaborate with the awareness team to create, update, and maintain training materials.
  • Provide security awareness training for system users, including managers, senior managers, and contractual partners.
  • Track completion of tabletop exercises and confirm the functionality of mass notification systems.
  • Work with external auditors.