Associate Director/Director of Compliance and Data Privacy

Role Summary

Associate Director/Director of Compliance and Data Privacy will develop, implement, and enhance Immunome’s compliance and data privacy programs to support ethical and compliant business practices across the organization. This role partners with stakeholders across commercial, medical, R&D, clinical operations, IT, and HR to identify risks and ensure adherence to applicable laws and regulations. Strong project management, judgment, and communication skills are essential in a dynamic biotech environment.

Responsibilities

• Develop, implement, and oversee Immunome’s corporate compliance program, including policies, procedures, training, monitoring, and reporting.
• Establish and manage a robust data privacy program in line with HIPAA, GDPR, CCPA, and other applicable data protection regulations.
• Partner with internal stakeholders to integrate compliance and data privacy considerations into business operations, research, clinical trials, commercial activities, and vendor relationships.
• Conduct compliance and privacy training programs to ensure understanding of key requirements, ethical standards, and evolving regulatory obligations.
• Support processes related to transparency reporting, monitoring, investigations, and corrective action plans.
• Maintain knowledge of relevant laws, regulations, and industry guidance, including the Anti-Kickback Statute, False Claims Act, Sunshine Act, state reporting requirements, PhRMA Code, and global data privacy regulations.
• Provide practical, business-focused compliance and privacy advice to senior leadership and cross-functional teams.
• Lead internal audits and risk assessments to identify gaps and implement mitigation strategies.
• Collaborate with IT and Security teams to address data governance, cyber security, and vendor management from a privacy perspective.

Qualifications

• J.D., required.
• A minimum of 7+ years of compliance experience in the biopharmaceutical or healthcare industry, with direct involvement in corporate compliance and data privacy programs.
• Demonstrated experience designing and enhancing compliance programs in a growth-stage or publicly traded biotech company.

Skills

• Expertise in U.S. healthcare laws and regulations, with knowledge of global data privacy frameworks (HIPAA, GDPR, CCPA, etc.).
• Proven ability to partner effectively with commercial, medical, clinical, and R&D teams to achieve business goals while mitigating compliance and privacy risks.
• Exceptional organizational and project management skills, with the ability to manage multiple priorities in a fast-paced environment.
• Excellent interpersonal, verbal, and written communication skills, including the ability to interact effectively with employees at all levels, including executive leadership.
• High ethical standards and commitment to handling sensitive and confidential information with integrity.

Additional Requirements

• Travel up to 10–20% of the time.