CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers. CareDx offers products, testing services, and digital healthcare solutions along the pre- and post-transplant patient journey, and is the leading provider of genomics-based information for transplant patients.

CareDx is looking for an accomplished and dynamic Sr Manager, SOX and IT Compliance (governance, risk, and compliance) subject matter leader, with a strong background in SOX, FDA, EUMDR, CLIA, CAP, GMP, ISO and IT Systems Change Management, Cross-functional Collaboration, and Project Management. This individual will be a part of the IT team that oversees internal controls over all SOX/FDA/EUMDR/CLIA/CAP/GMP/ISO in-scope systems, IT policies, procedures, change, and project management for the company. This individual will coordinate SOX-ITGC and other IT regulatory compliance-related activities with the systems owners, cross-functional control owners, internal auditors, external auditors, and outside consultants using a consultative approach.

As the Sr Manager, SOX and IT Compliance, you will update and maintain the company-wide control standards, perform SOX/audit projects, and provide control-related training to process owners. You will be responsible for maintaining and preparing clear, detailed, and accurate SOX/FDA/EUMDR/CLIA/CAP/GMP/ISO IT documentation, including systems diagrams, control descriptions, and risk control matrices, and for partnering with business control owners in planning the IT and GITC compliance testing program.

Responsibilities:
- Lead as the SOX/FDA/EUMDR/CLIA/CAP/GMP/ISO Compliance subject matter expert, working with IT, FP&A, Labs, Cybersecurity and cross-functional process owners to support the ongoing design, review, testing, improvement, and remediation of IT systems controls for regulatory compliance such as SOX, CLIA, CAP, FDA, EUMDR, ISO, GxP, etc.
- Update and align IT processes, systems, controls, and policies to industry standards and drive remediation efforts for any identified deficiencies.
- Drive and facilitate on-going IT compliance training programs for IT process and control owners.
- Maintain and enhance SOX controls documentation, including testing documentation and systems diagrams, so that it reflects the current environment and complies with SOX requirements.
- Proactively participate in and guide the team in the planning, prioritization, and delivery of system enhancements using unified methodologies, and maintain documentation concerning planning, status, testing results, and other reporting needs.
- Conduct risk-based internal audits to determine soundness, adequacy, and application of IT and controls including identifying control weaknesses, exceptions, and deficiencies in operations.
- Manage the year-end external audit, including direct interaction with independent auditors on internal control testing.
- Oversee confidential control reviews, special investigations, and other ad-hoc projects including coordination of any investigations performed by external agencies.
- Ascertain the appropriateness of the Company's protection and safeguarding of assets and recommend areas for improvement.
- Participate in the IT and Cybersecurity Governance Council to help facilitate the meetings and review proposals in a timely manner.
- Maintain a current knowledge base of audit industry practices and ensure best practices are always considered. Strong process reengineering, root cause analysis, critical thinking and creative problem solving.
- Perform all assigned audit duties in a manner that reflects the highest professional standards and complies with the guidelines of the Institute of Internal Auditors (IIA) and the Institute of Information Systems Audit and Control Association (ISACA).
- Other duties as assigned.
Qualifications:
- Bachelor's degree in Business, Computer Science, Information Systems.
- Professional certification such as CISA, CIA, or similar is strongly preferred.
- Recent hands-on SOX/FDA/EUMDR/CLIA/CAP/GMP/ISO experience including successful remediation of compliance deficiencies and material weaknesses with similar size companies required.
- Life science, Medical Device, and Healthcare industry experience preferred.
- Minimum 7+ years of relevant work experience (Big 4 public accounting and corporate IT and SOX regulatory experience in a multi-national public company).
- Strong understanding of the Sarbanes-Oxley Act, the 2013 COSO framework, and SEC guidance for management's assessment of internal controls over financial reporting.
- Strong understanding of current accounting (GAAP) and auditing (GAAS) principles.
- Strong planning, project management, and analytical skills.
- Proficient in Microsoft Office suite applications.
- Strong process reengineering, root cause analysis, critical thinking and creative problem solving.
- NetSuite, inventory management, LIMS and related software proficiency preferred.
- IT ServiceDesk and SLA management using tools like ServiceNow.
- Critical thinking and problem solving.
- IT systems, operations, and resource management.
Additional Details:
Every individual at CareDx has a direct impact on our collective mission to improve the lives of organ transplant patients worldwide. We believe in taking great care of our people, so they take even greater care of our patients. Our competitive Total Rewards package includes:
- Competitive base salary and incentive compensation
- Health and welfare benefits including a gym reimbursement program
- 401(k) savings plan match
- Employee Stock Purchase Plan
- Pre-tax commuter benefits
- And more!
In addition, we have a Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.

With products that are making a difference in the lives of transplant patients today and a promising pipeline for the future, it's an exciting time to be part of the CareDx team. Join us in partnering with transplant patients to transform our future together.

CareDx, Inc. is an Equal Opportunity Employer and participates in the E-Verify program. By proceeding with our application and submitting your information, you acknowledge that you have read our U.S. Personnel Privacy Notice and consent to receive email communication from CareDx.

We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.