
DTE Compliance Manager

Vertex Pharmaceuticals Incorporated
United States, Massachusetts, Boston
50 Northern Avenue
Mar 04, 2025

Job Description

General Summary:

The Compliance Manager leads efforts to establish and maintain a third-party certification (SOC 2) for Vertex. This role maintains and evolves DTE's controls framework, representing DTE in SOC 2 certification efforts and coordinating with internal and external parties. To support ongoing certification and adherence to compliance, the Compliance Manager will develop reporting and dashboards, and monitor and analyze key performance indicators (KPIs) to assess DTE's adherence to regulatory and internal compliance standards, identifying potential risks and areas for improvement.

Key Duties and Responsibilities:

  • Manage control design walkthroughs and operating effectiveness testing against DTE's risk and controls framework - coordinating external reviews and/or assessments from regulators and third parties
  • Responsible for implementing and maintaining procedures and controls to assure compliance with applicable regulatory, contractual, legal requirements and good business practices aligned with NIST, ISO 27001, and other frameworks, integrating security and compliance initiatives with business goals
  • Collaborate with control and process owners to understand key processes and controls, collect supporting evidence, conclude on controls and potential gaps/deficiencies, and prepare for and execute internal and external audits
  • Drive metrics, dashboards and reporting to provide meaningful, actionable compliance metrics for operational and senior leaders
  • Monitor and drive the timely closure of compliance gaps and deficiencies with key stakeholders
  • Support the implementation of Integrated Risk / Governance and Risk Management tools to support overall compliance and information security objectives
  • Support the Information Security programs including Risk Register program, ensuring risks are identified, assessed, tracked, monitored, and mitigated effectively.
  • Educate and coach colleagues on the current compliance landscape, IT controls and internal practices
  • May conduct presentations on compliance issues and initiatives at cross-functional meetings
  • Perform other duties as assigned

Knowledge and Skills:

  • Strong collaboration and partnership building skills to integrate compliance to the DTE controls framework with other functions
  • Experience developing and leading remediation / mitigation strategies to assist teams in ensuring appropriate compliance
  • Experience with frameworks and legal standards such as NIST 800-53, GDPR, TX/Federal Ramp and related General IT Controls (ITGCs)
  • Expert working knowledge of IT auditing practices
  • Experience with metrics gathering and reporting
  • Effective communication skills (verbal and written) to influence and align cross-functional team members, peers and superiors
  • Experience managing projects in a complex, matrix organization
  • Strong knowledge of application and system development methodologies and IT Service Management practices

Education and Experience:

  • 5+ years of experience in IT audit, IT compliance, information security, or risk management
  • Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent
  • Experience measuring and monitoring compliance at scale.
  • CISA, CISSP, CISM and/or SANS certification a plus.
  • Highly organized and efficient
  • Leverages strategic and tactical thinking
  • Works calmly under pressure and with tight deadlines
  • Demonstrates effective decision-making skills
  • Is highly trustworthy; leads by example

Flex Designation:

Hybrid-Eligible Or On-Site Eligible

Flex Eligibility Status:

In this Hybrid-Eligible role, you can choose to be designated as:
1. Hybrid: work remotely up to two days per week; or select
2. On-Site: work five days per week on-site with ad hoc flexibility.

Note: The Flex status for this position is subject to Vertex's Policy on Flex @ Vertex Program and may be changed at any time.

Company Information

Vertex is a global biotechnology company that invests in scientific innovation.

Vertex is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law. Vertex is an E-Verify Employer in the United States. Vertex will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.

Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should make a request to the recruiter or hiring manager, or contact Talent Acquisition at ApplicationAssistance@vrtx.com
