The Director, IT Risk & Compliance is responsible for leading and managing the company's information security and technology risk management program. The Director will lead efforts to maintain compliance with relevant regulations, standards, and frameworks This role will play a critical part in identifying, assessing, and mitigating risks across the organization's IT infrastructure, applications, and data. The successful candidate will possess a strong understanding of industry best practices, regulatory requirements (e.g., SOX, HIPAA, GDPR), and emerging threats.ESSENTIAL DUTIES AND RESPONSIBILITIES:
Our employees are tasked with delivering excellent business results through the efforts of their teams.  These results are achieved by:Manage and mentor a team of risk analysts and security professionals.Develop and maintain a comprehensive Enterprise IS/IT Risk Management framework, including risk assessments, threat modeling, and vulnerability management.Conduct regular risk assessments across the organization, including business impact analyses (BIA) and threat and vulnerability assessments (TVAs).Oversee the implementation of risk mitigation controls and monitor their effectiveness.Develop and maintain key risk indicators and key performance indicators (KPIs) to track and measure risk levels.Advise senior management on risk-related decisions and provide recommendations for improving the company's overall security posture.Stay abreast of emerging threats and vulnerabilities and advise on appropriate countermeasures.Collaborate with internal and external stakeholders, including IT, legal, compliance, and business units.Ensure compliance with relevant industry regulations and standards.Participate in incident response activities and post-mortem analysis.Develop and deliver presentations and reports to senior management and the Board of Directors.Ensure compliance with applicable laws, regulations, and industry standards.Develop and maintain IT policies, procedures, and standards.Conduct internal and external audits to assess compliance.Manage relationships with external auditors and regulatory bodies.Stay abreast of changes in regulatory requirements and industry best practices.Demonstrate a commitment to diversity, equity, and inclusion through continuous development, modeling inclusive behaviors, and proactively managing bias.All other duties as assigned. Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of EVERSANA to provide reasonable accommodation when requested by an employee with a disability, unless such accommodation would cause an undue hardship for EVERSANA. If reasonable accommodation is needed to perform the essential functions of your job position, please contact Human Resources.PEOPLE LEADER:People leaders must possess both the skills to effectively accomplish these tasks and the emotional intelligence to do so in alignment with our cultural values.  In addition to the critical management and leadership tasks listed above, this role also includes the following unique responsibilities:Responsible for and oversee their respective department.Interview, select and supervise the activities of the department staff; communicate interpret and discuss with team the company policies and procedures.Determine job objectives, work methods and performance standards; review performance relative to departmental objectives discussion appraisal with each employee and performance; authorize and communicate salary changes, promotions, transfers, discipline, and discharge and administer all other personnel actions.EXPECTATIONS OF THE JOB:Travel (10-20%)Hours (40-45 hours per week, Monday through Friday)The above list reflects the general details necessary to describe the expectations of the position and shall not be construed as the only expectations that may be assigned for the position.An individual in this position must be able to successfully perform the expectations listed above.