Compliance Manager

Compliance Manager
Department: General & Administrative
Employment Type: Full Time
Location: Cambridge, MA
Description
Iterative Scopes, a venture-backed healthcare startup, aims to improve the health and well-being of individuals across the globe by helping bring innovative and scalable healthcare solutions to market with a focus on reducing healthcare disparities. To support this goal, Iterative Scopes is seeking a Compliance Manager to join its Privacy and Compliance Office in order to build and maintain an effective compliance framework.
The ideal candidate will be a seasoned compliance specialist looking to build and lead the compliance program at a fast growing Series B company. Successful candidates should be leaders who can work independently and are enthusiastic about protecting our company and our clients by ensuring our policies, processes, and controls comply with all the required regulatory requirements while driving business goals. If you can translate business drivers and priorities into a compliance framework, understand how to balance compliance risks and business objectives, and develop appropriate mitigations strategies working together with leaders across functional groups when needed, then you will be a great fit for our organization.
You will be responsible for compliance of applicable laws and regulations in each authority in which the company operates. As a Compliance Manager at Iterative Scopes, you will be an integral member of a small privacy and compliance team, reporting to the Head of Data Privacy and Compliance. You will collaborate with all teams-including engineering, business development, clinical operations and legal-within Iterative Scopes to ensure compliance, determine risks and gaps and compliance awareness. As a part of the Privacy and Compliance team, you will also have the opportunity to contribute to our privacy and data ethics objectives by incorporating compliance goals into our product roadmap.
Key Responsibilities

• Policy Management and Design: Design and manage the company's global compliance framework and program process, including reviewing all new and/or updated global corporate policies for compliance with company requirements, coordinating the review and approval of all global corporate policies and ensuring timely publishing of global policies.
  • Implementation, ongoing management, and continued improvement, of the company's global compliance program.
  • Ensuring standard and controls are well documented, understood, and adhered to.
  • Develop policies, standards and controls where required and provide expertise to other teams where required.
• Risk Assessment, Monitoring, and Auditing: Assists with Compliance risk assessment, monitoring, and auditing activities, including supporting company's compliance and ethics risk assessment process, identifying, and tracking key metrics, compiling trend analysis reports, and remaining current on key compliance and ethics developments. Track risk mitigation plans.
• Reporting and Issue Management: Assist in addressing compliance and ethics-related reports or concerns, maintaining the compliance case management, and conducting appropriate follow-up activities in consultation with the Director, Privacy and Compliance.
• Function as a subject matter expert on global compliance and assist with issues and concerns.
• Document, track and distribute all compliance related metrics as requested.
• Assist in monitoring and assessing the impact of new and/or changing compliance laws, regulations, and Executive Orders

Requirements & Competencies
Job Requirements

• Bachelor's degree (B.A./B.S.) or equivalent.
• Must have a minimum of five (5) years of compliance and/or ethics professional experience.
• Must have experience in
  • GCP (Good Clinical Practice)
  • Anti-Kickback Statute (AKS)
  • Physician Payments Sunshine Act ("Sunshine Act")
  • Additional experience in the following preferred:
    • HIPAA (Health Insurance Portability and Accountability Act)
    • International compliance and privacy laws (Canada, EU).
• Experience in the life sciences or highly regulated industry sector.
• Experience in risk management and audit highly preferred.
• Strong technical background.
• Healthcare related compliance and/or ethics certifications highly preferred but must have at least one (or plan to receive within one year of hire). Examples of preferred certs: CCEP, CCE/CCP/CHC, CHPC, CHRC, CRCM, CERP or equivalent certifications.
• Work well in a collaborative environment while also having autonomy and trust to solve problems and make decisions.
• Familiar with privacy and compliance platforms such as OneTrust
• Expert in G-Suite and Windows Office products.

Core Competencies

• Strong organizational and project management skills (including project planning).
• Ability to think logically and creatively to find and present solutions to questions.
• Analytical skills and the ability to demonstrate critical thinking.
• Excellent quantitative skills necessary to extract and analyze both hard and soft data
• Ability to communicate effectively and build strong working partnerships with key stakeholders.
• Ability to navigate diverse business, cultural, and interpersonal environments.
• Ability to compose client-facing narrative responses to questions and concerns.
• Understanding of Iterative Scopes overall control environment.
• Ability to work effectively in a demanding environment.
• Initiative-taking and results oriented.
• Ability to smoothly transition between changing priorities and processes.
• This is a non-technical role; however, an understanding of information security policies, standards and controls is highly desirable. Previous firsthand technical experience in one or more of the following security control areas is preferred:
  • Breach and Incident Response
  • Privacy
  • Business Continuity, Disaster Recovery, Data Protection/Asset Management
  • Healthcare research operational best practices
  • Cyber Security Framework
  • Top 20 CIS Controls
  • Confidentiality, Integrity, and Availability
  • Identity & Access Management
• Familiarity with the following compliance regulations & frameworks a plus:
  • ISO 27001
  • CIS Top 20
  • NIST 800-53 & NIST CSF
  • SIG

Benefits

• Vision/Dental/Medical Insurance
• Life/Disability Insurance
• Maternity/Paternity Leave
• Stock Options
• Flexible Work Hours
• Unlimited Paid Time Off
• Fun Workspace! (Standing Desks, Balance Boards, Ping Pong Table, Pick your own workstation set-ups!)
• Free Snacks and Drinks (Jura Espresso Maker + Snacks upon requests!)
• Free lunch on Fridays