Senior Director - Global Cyber Compliance
$157,500–$231,000 per year
Remote · United States or Indianapolis, Indiana, United States
Job Summary
Lead the global cyber compliance program across multiple regulatory frameworks (FDA 21 CFR Part 11, GxP, ISO 27001, SOC 2, NIS2, HIPAA, CCPA, PIPL/CSL/DSL, and AI governance) and drive AI-augmented, automated compliance using LogicGate Risk Cloud. Own the strategy, execution, and inspection-readiness for Lilly's cyber controls across manufacturing, research, and commercial technology, building and developing a global compliance team. Define scope for security controls, engage regulators, and translate gap analyses into risk-ranked remediation roadmaps. Collaborate with Legal, Quality, Privacy, Internal Audit, and Regulatory Affairs; evangelize a platform-based, data-driven approach to demonstrate regulatory effectiveness and operational efficiency. Maintain current-state mappings of obligations, drive platform adoption, and ensure proactive alignment with evolving global requirements (NIS2, FDA cyber guidance, AI governance, DoJ data rules, PIPL/CSL/DSL).
Required Qualifications
- Bachelor's degree in Information Security, Computer Science, Risk Management, Operations Research, or related field
- 12+ years of dynamic experience in cybersecurity compliance, risk management, GRC, or data operations roles within complex, global technology environments
- Experience designing and operating multi-framework compliance programs that prioritize controls based on risk
- Hands-on experience implementing or operating a modern GRC platform (LogicGate, ServiceNow GRC, Archer)
- Experience in highly regulated, multinational environments with regulatory engagement, inspection support, and audit management success (FDA, EMA, ISO, NIS2, or equivalent)
- Authorized to work in the United States on a full-time basis
- Certifications such as CISSP, CISA, CRISC, CISM, or equivalent within 12 months
Desired Qualifications
- Bachelor's degree in Information Security, Computer Science, Risk Management, Operations Research, or related field
- 12+ years of cybersecurity compliance experience
- Experience designing multi-framework compliance programs
- Hands-on experience with a modern GRC platform (LogicGate, ServiceNow GRC, Archer)
- Regulatory engagement, inspection support, and audit management (FDA, EMA, ISO, NIS2, or equivalent)
- Certifications such as CISSP, CISA, CRISC, CISM or equivalent within 12 months
- Advanced degree in relevant fields preferred
- Experience with AI-augmented compliance and data analytics tooling
- Experience with GxP, 21 CFR Part 11 electronic records/signatures, and audit trailing
- M&A cybersecurity due diligence and integrating programs across entities
- Familiarity with AI/ML governance frameworks and AI risk management
- Proficiency with data pipelines and reporting (Python, R, SQL, Tableau/Power BI)
- Experience with vendor security assessment and third-party risk management
- Understanding of OT/ICS security in pharma manufacturing or critical infrastructure
- Knowledge of regulatory gap analysis and residual risk quantification
- Experience building executive-ready dashboards and reporting