Eli Lilly and Company · 14 hours ago
Associate Director - Governance, Risk & Compliance Analyst
US, Indianapolis IN
Full-time
Hybrid
Senior Level, Lead/Staff, Director/Executive
$128K/yr - $187K/yr
7+ years expEli Lilly and Company is a global healthcare leader headquartered in Indianapolis, Indiana. They are seeking a skilled Associate Director - Governance, Risk and Compliance Analyst to maintain a robust GRC framework that includes privacy, artificial intelligence, and data governance requirements while ensuring compliance with industry standards and regulatory requirements.
BiotechnologyHealth CareMedicalPharmaceutical
No H1B
Responsibilities
Drive the creation and adoption of Lilly’s Privacy and AI policies and standards
Lead the enterprise implementation of Lilly’s Privacy and AI policies and standards
Develop, implement, and maintain a comprehensive GRC framework that address privacy, AI, and data governance
Ensure compliance with industry standards, regulatory requirements, and organizational objectives
Supervise and analyze changes in regulations and industry trends to update policies and frameworks accordingly
Ensure policies are up to date with evolving threats, technologies, and legal requirements
Ensure that policies are reviewed and updated at a regular cadence
Refine and maintain procedures and job aids supporting the GRC framework and risk management lifecycle (e.g., maintenance, implementation, change control)
Provide and support training and guidance to staff on GRC policies and procedures
Collaborate with multi-functional teams to integrate policies into business processes and technology solutions
Participate in the performance of internal assessments and gap analyses. Report issues and recommend corrective actions to support the maturity and effectiveness of key controls
Lead key performance and risk indicators (critical metrics/KRIs). Use data-driven insights to identify and respond to risks
Develop and maintain supervising mechanisms to ensure compliance with privacy, AI, and data governance controls. Prepare and present regular reports to senior management and collaborators
Maintain the risk registry, issues management and related processes
Support the development and/or consolidation, streamlining, simplification and execution of Privacy and AI risk management practices
Effectively apply risk methodologies as derived from Privacy and AI standards and protocols
Stay informed about global privacy, artificial intelligence, and data governance regulations, standards, and guidelines
Be responsible for the company's compliance with relevant laws and standards, ensuring effective implementation, monitoring and reporting
Develop and maintain the risk and control library
Maintain a solid understanding of privacy, AI, and data governance practices, tools, processes, and requirements
Prepare and lead audit and compliance documentation, working with internal and external auditors
Support various education and awareness activities
Leverage technology to integrate efficiencies and improve effectiveness of GRC processes
Align the DLO risk posture with the overall company risk appetite in our GRC tool
Support the management and integration of the GRC tool and processes
Leverage technology, including artificial intelligence, to automate and find efficiencies in various program controls
Qualification
Required
Bachelor's degree in a discipline related to risk management, information systems/ computer science, information management or related field
7+ years of experience in a role creating, implementing, and leading Privacy and/or AI governance, risk or compliance activities
5+ years of experience in leading or working on Enterprise Risk Management, Cybersecurity, Data Privacy or Compliance/Quality efforts
Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization and/or visas for this role
Preferred
Solid understanding of various risk management frameworks, AI and privacy laws, regulations, and standards (e.g., NIST AI RMF, NIST Privacy Framework, ISO, NIST CSF, EU AI Act, GDPR, CPRA, HIPAA)
Demonstrated ability to lead projects and appropriately advance issues and barriers
Demonstrated ability to think and act strategically
Demonstrated ability to problem solve, able to effectively seek ways to resolve issues in a streamlined approach with acknowledging inherent complexities
Experience with privacy-enhancing technologies, data governance, and risk management
Proficiency in developing and tracking privacy, AI, or security metrics and KPIs
Proficiency in PIA/DPIA methodologies, presided over or participated in privacy by design work
Certification in artificial intelligence, privacy, or risk management such as AIGP, CIPP, CIPM, CIPT, CRISC, CDPSE, or similar
Organizational Change education and/or certification
Experience as an IT/Security/Privacy/AI auditor
Strong communication, presentation, and interpersonal skills
Ability to work independently and multi-functionally in a fast-paced environment
High attention to detail and accuracy
Benefits
Company-sponsored 401(k)
Pension
Vacation benefits
Eligibility for medical, dental, vision and prescription drug benefits
Flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts)
Life insurance and death benefits
Certain time off and leave of absence benefits
Well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities)
Company
Eli Lilly and Company
We're a medicine company turning science into healing to make life better for people around the world.
10001+ employees
Funding
Current Stage
Public CompanyTotal Funding
$6.5M2024-02-12Post Ipo Debt· $6.5M
1978-01-13IPO
Leadership Team
David Ricks
Chair, CEO
Lucas Montarce
Executive Vice President and Chief Financial Officer
Recent News
The Motley Fool
2026-01-25
2026-01-24
2026-01-23
Company data provided by crunchbase