[Hiring] Executive Director, Governance, Risk and Compliance @Amgen

Role Description

Join Amgen’s Mission of Serving Patients. In this vital role, the Executive Director, Information Security is a leadership role responsible for the Governance, Risk, and Compliance (GRC) across Amgen’s global digital operating environment. This leadership position plays a significant role in developing comprehensive strategies and frameworks to manage and mitigate risks, strengthen Amgen’s corporate governance, and ensure compliance with applicable laws, regulations, and industry standards (e.g., GxP, SOX, ISO, etc.).

The Executive Director will support leadership and peers through the delivery of time-sensitive and tailored information necessary to improve strategic business decision-making. The Executive Director collaborates with stakeholders from Digital, Technology & Innovation (DTI), Human Resources, Compliance, Law, Quality, Finance, and Privacy.

The executive director is responsible for organizing, developing, training, and equipping a diverse global team of Amgen staff and contractors in alignment with Amgen’s core values. This leader manages all activities to support GRC service delivery including strategy development, process design, and key performance indicators that protect Amgen’s ability to innovate and serve patients. The Executive Director is a member of the Cybersecurity & Digital Trust Leadership Team and reports to the Vice President, Information Security and Chief Information Security Officer.

Key Responsibilities

• Set vision and strategy for Amgen’s digital Governance, Risk and Compliance efforts globally.
• Provide oversight and assurance for Amgen’s Information Security program in alignment with ISO 27002:2022.
• Oversee Technology’s Document Management Services (DMS).
• Work with Quality, Finance and Security leadership to provide oversight and effectively manage GxP, Security and SOX deviations and corrective and preventive actions (CAPAs).
• Partner with Corporate Audit and the Technology Extended Leadership Team to manage audit responses.
• Oversee Amgen’s Global Records and Information Management operations.
• Work with key stakeholders to improve compliance capabilities (e.g., GxP agile validation and process simplification).
• Manage and oversee Amgen’s Risk services, including third-party business enablement and Amgen’s digital risk register.
• Deliver timely transparency reports and metrics to key stakeholders and senior business leadership (e.g., Chief Financial Officer, Chief Information Officer, Chief Information Security Officer, Quality leadership, etc.).
• Maintain outstanding service delivery and collaborate diligently with global functional teams to achieve continuous improvement of governance, risk, and compliance services.
• Lead Artificial Intelligence (AI) Risk and Controls working team comprised of cross-functional business units to accelerate Amgen’s adoption of Trustworthy AI.
• Serve as a key stakeholder and strategic partner to the Responsible AI Council, representing Technology and ensuring alignment of AI governance, risk, and control frameworks with enterprise Responsible AI principles and regulatory expectations.
• Create and manage budgets for yearly support, enhancements and build efforts and maximize resource allocation across multiple services and tools; this includes operational costs for resources (full-time employees, contract workers, and managed service providers) used to operate GRC.
• Empower employees through Amgen’s Decision, Advice, Inform (DAI) model; delegate responsibilities accordingly and expect accountability and regular feedback.
• Foster teamwork and unity among department members that allows for healthy debate, rapid conflict resolution, appreciation of diversity, and strong team cohesiveness.
• Coach, mentor, and develop staff, including overseeing new employee onboarding and providing quarterly career development sessions.
• Lead employees using a performance management and development process that provides an overall framework to encourage employee contribution and includes goal setting and continuous feedback.
• Guide talent identification and development processes.
• Collaborate with global industry partners and service providers in the Health Information Sharing and Analysis Center (H-ISAC).

Qualifications

• Doctorate degree & 6 years of information security experience OR
• Master’s degree & 10 years of information security experience OR
• Bachelor’s degree & 12 years of information security experience AND
• 6 years of managerial experience directly managing people and/or leadership experience leading teams, projects, programs or directing the allocation of resources.

Preferred Qualifications

• Experience working with Agile principles and values to transform waterfall-based processes (e.g., Scaled Agile Framework [SAFe]).
• Practical experience in leading global multi-disciplined GRC teams (e.g., SOX, Quality, Security).
• Experience with regulated systems (GxP, SOX) in the pharmaceutical, biotechnology, healthcare industry.
• Practical experience working in compliance with corporate audit and global regulations (e.g., China Cybersecurity Law, NIS2, Global Data Protection Regulation, etc.).
• Executive written and verbal communication skills to diverse target audiences.
• Understanding of records information management, retention schedule management, and oversight.
• Ability to coordinate/lead multiple projects/activities with competing priorities.
• Portfolio and project management skills.
• Data-driven problem solving and analytical skills and proven experience within high performance team.
• Skilled in negotiation of critical issues.
• Understanding of and ability to manage cognitive biases.
• Attention to detail and focus on providing vetted information.
• Up to date on current information security trends and topics.
• Experience working with global virtual teams.
• Successful management of multiple priorities.
• Team-oriented, placing priority on the successful completion of team goals.
• Self-starter with a high degree of initiative and motivation and able to work effectively under minimal supervision.

Preferred Certifications

• CRISC
• CISSP
• CGEIT
• CISM
• CISA
• GRCP

Benefits

• Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts.
• A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan.
• Stock-based long-term incentives.
• Award-winning time-off plans and bi-annual company-wide shutdowns.
• Flexible work models, including remote work arrangements, where possible.

Salary Range

$246,396.30 to $333,359.70 USD