Associate Director of Cybersecurity Compliance

Help us change lives

At Exact Sciences, we’re helping change how the world prevents, detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career, an inclusive culture, and robust benefits to support your life while you’re working to help others.

Position Overview

At Exact Sciences, we are cancer fighters. We are united by our mission to change lives by providing earlier, smarter answers. Through advances in cancer detection and treatment guidance, we will help eradicate the disease and the suffering it causes. Exact Sciences’ Cybersecurity organization supports this mission by defending the millions of digital patient, practitioner, and employee lives within our environments. Defending today and securing tomorrow is no small feat. To help achieve this, the team is in search of an associate director-level cybersecurity compliance subject matter expert to join our collaborative team comprised of passionate experts.

The Associate Director, Cybersecurity Compliance plays a pivotal role in shaping and executing the strategic vision for the cybersecurity compliance program. Reporting to the Director of Cybersecurity Strategy & GRC, this position provides leadership and support to the Cybersecurity Compliance team, ensuring alignment with organizational goals and regulatory requirements. The Associate Director is responsible for driving the creation and ongoing evolution of the cybersecurity compliance program, leveraging extensive security and business integration experience to deliver robust technical solutions and compliance measures. This role demands executive presence, strategic decision-making, and a deep understanding of global security compliance in a multi-sector enterprise.

Essential Duties

Include, but are not limited to, the following:

• Provide strategic direction and oversight for the development and implementation of cybersecurity compliance initiatives and goals.
• Drive effective utilization of people, processes, and technology resources to enable the organization to deliver its strategy successfully.
• Consistent demonstration of exceptional leadership qualities, including but not limited to the ability to attract and retain the best team, foster a culture of high performance, lead with integrity, humility, accountability, and courage, and set a clear vision to energize teams towards the future.
• Effectively manage, support, and guide your team, including, but not limited to delegating tasks and responsibilities, assess employee performance and provide helpful feedback and training opportunities.
• Collaborate with cross-functional teams to integrate cybersecurity compliance into broader business strategies and initiatives.
• Lead efforts to continuously improve the cybersecurity compliance program, incorporating feedback and lessons learned from internal and external audits.
• Provide technical management oversight and guidance within the team.
• Spearhead the design, implementation, and sustainment of the Cybersecurity Compliance framework and program.
• Oversee teams that support cybersecurity market-driven certifications, HIPAA and FDA cybersecurity regulatory requirements, and computer system validation work.
• Provide executive level reporting on compliance concepts and controls rationalization to internal and external stakeholders.
• Drive the adoption of automated technical solutions to support compliance requirements across the enterprise.
• Drive education of compliance methodology and frameworks to key business stakeholders.
• Research and interpret industry insights and best practices, along with interpreting the impact of requirements from governing authorities.
• Champion the remediation of visibility and capability gaps and breakdown roadblocks standing in the way of a robust security posture.
• Foster a culture of continuous improvement and innovation within the team.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Support and comply with the company’s Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.
• Ability to travel 10% of working time away from work location. May include overnight/weekend travel.

Minimum Qualifications

• Bachelor’s Degree in a field related to essential duties; or Associate Degree and 2 years of relevant experience; or High School Diploma or General Education Degree (GED) and 4 years of relevant experience.
• 10+ years of professional experience in a cybersecurity governance, risk, compliance, or operations senior-level role.
• 5+ years of experience as a people leader with responsibility for direct reports.
• Advanced technical expertise in cybersecurity compliance and regulatory requirements, including FDA/IVDR regulations.
• Demonstrated experience with cybersecurity compliance frameworks and regulations (e.g., NIST, ISO, HITRUST, HIPAA, PCI, CAP, CLIA, FDA, IVDR).
• Demonstrated accountability leading cybersecurity program(s) and teams in a globally regulated enterprise, building programs a plus.
• Advanced proficiency in organizational transformation.
• Experience presenting compliance concepts and controls rationalization to internal and external stakeholders.
• Excellent communication skills, appropriately adapting based on audience needs, through all mediums–verbally, written, presentation, and listening.
• Able to be agile and work with ambiguity.
• Proficient+ in Microsoft Office programs, such as PowerPoint, Excel, Outlook, and Word.
• Demonstrated ability to perform the essential duties of the position with or without accommodation.
• Authorization to work in the United States without sponsorship.

Preferred Qualifications

• Proven track record of strategic decision-making and leadership in cybersecurity compliance.
• Relevant certification(s) in the field of cybersecurity, risk, audit, or program/project management.
• Experience with enterprise GRC management platforms (e.g., ServiceNow, OneTrust); implementation experience a plus.
• Experience in healthcare or biotech industries.

#LI-AK1

Salary Range:

152 000,00 $ - 242 000,00 $

The annual base salary shown is for this position located in US - WI - Madison on a full-time basis. In addition, this position is bonus eligible, and is eligible to be considered for company stock at hire and on an annual basis.

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation, holidays, volunteering, and personal time), paid leave for parents and caregivers, a retirement savings plan, wellness support, and health benefits including medical, prescription drug, dental, and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team, and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation, please contact us here.

Not ready to apply? Join our Talent Community to stay updated on the latest news and opportunities at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, protected veteran status, and any other status protected by applicable local, state, or federal law.

To view the Right to Work, E-Verify Employer, and Pay Transparency notices and Federal, Federal Contractor, and State employment law posters, visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.