Senior Director, IT Compliance and Privacy

Ardelyx, Inc.
Full-time
Remote friendly (Waltham, MA)
United States
$251,000 - $307,000 USD yearly
Corporate Functions

Role Summary

The Senior Director, IT Compliance and Privacy ensures all technology operations meet regulatory, legal, and corporate governance requirements while enabling business agility. This role leads a team responsible for SOX ITGC, GxP validation, data privacy (GDPR, HIPAA), and comprehensive risk management across the technology portfolio.

Responsibilities

  • Lead quarterly Sarbanes-Oxley IT General Controls testing across all financial systems, coordinate audit evidence preparation, and manage external auditor interactions
  • Oversee pharmaceutical system validation processes, ensuring compliance with FDA requirements and supporting regulatory inspections and audit preparation
  • Maintain comprehensive compliance programs for all public company IT obligations and regulatory reporting requirements
  • Conduct enterprise-wide IT compliance risk assessments and develop mitigation strategies across the technology landscape

Data Privacy

  • Implement and maintain comprehensive data privacy programs covering GDPR, HIPAA, and state privacy regulations
  • Establish enterprise data classification, handling procedures, and governance frameworks across clinical, commercial, and corporate data
  • Conduct privacy reviews for all new technology implementations and system changes
  • Partner with Cybersecurity lead on data breach response coordination across IT pillars and business units, ensuring proper regulatory notification and remediation

Cross-Pillar Integration

  • Review all technology decisions for regulatory impact before implementation, embedding compliance checkpoints into standard IT workflows
  • Translate complex regulatory requirements into practical IT policies, procedures, and training programs
  • Manage internal and external audit activities, coordinating evidence gathering across Business Technology, Infrastructure, and Security teams
  • Interface with external auditors, regulators, compliance consultants, and legal counsel on IT-related matters

Team Leadership & Development

  • Direct IT Compliance and Privacy & Data Governance teams, providing strategic guidance and professional development
  • Develop and deliver compliance training programs tailored to specific IT roles and business functions
  • Continuously improve compliance processes to balance regulatory requirements with business agility and operational efficiency
  • Manage escalation of significant compliance risks to CIO and executive leadership

Qualifications

  • Bachelor's degree in IT, Computer Science, or related field; advanced degree or JD preferred. 10+ years of IT compliance experience with 5+ years in leadership roles, or equivalent experience
  • Pharmaceutical, biotechnology, or regulated life sciences industry experience required
  • Proven track record managing compliance for technology portfolios in public company environments
  • Extensive experience with Sarbanes-Oxley IT General Controls testing, documentation, and audit support
  • Deep knowledge of pharmaceutical validation requirements, FDA regulations (21 CFR Part 11), and quality management systems
  • Expert-level understanding of GDPR, HIPAA, CCPA, and other privacy regulations with hands-on implementation experience
  • Strong background in IT risk assessment methodologies, business continuity planning, and compliance program management
  • Understanding of enterprise applications, databases, cloud platforms, and integration architectures from a compliance perspective
  • Experience coordinating internal and external audits, evidence collection, and remediation planning
  • Proven ability to translate regulatory requirements into practical business processes and technical controls
  • Exceptional skills in communicating complex compliance requirements to technical and business audiences
  • Experience leading cross-functional compliance initiatives in matrix organizations
  • Proven ability to influence without authority across business units and IT teams
  • Experience managing relationships with external auditors, consultants, and regulatory bodies
  • Travel: 10%

Preferred Qualifications

  • CISA, CRISC, CIPP, CIPM, or other relevant compliance and privacy certifications
  • Knowledge of ISO 27001, NIST frameworks, and life sciences industry best practices
  • Familiarity with evolving privacy laws, AI governance requirements, and digital health regulations