Associate Director - Governance, Risk & Compliance Analyst
Job in Indianapolis, Hamilton County, Indiana, 46262, USA
Listed on 2026-02-16
Listing for: Scorpion Therapeutics
Full Time position
Job specializations:
- IT/Tech: Information Security, Data Security
Job Description & How to Apply Below
Role Summary
Associate Director, Governance, Risk & Compliance (GRC) Analyst to join Lilly’s Digital Legal Office within the Legal department. Responsible for maintaining a robust GRC framework covering privacy, AI, and data governance; leading the risk management lifecycle; ensuring policy alignment with industry standards and regulatory requirements; enabling risk-informed decisions; and collaborating with cross-functional teams. Location: Indianapolis, IN, with a hybrid work model.
Responsibilities
- Policy Development & Management:
- Drive the creation and adoption of Lilly’s Privacy and AI policies and standards.
- Lead the enterprise implementation of Lilly’s Privacy and AI policies and standards.
- Develop, implement, and maintain a comprehensive GRC framework that addresses privacy, AI, and data governance.
- Ensure compliance with industry standards, regulatory requirements, and organizational objectives.
- Supervise and analyze changes in regulations and industry trends to update policies and frameworks accordingly.
- Ensure policies are up to date with evolving threats, technologies, and legal requirements.
- Ensure that policies are reviewed and updated at a regular cadence.
- Refine and maintain procedures and job aids supporting the GRC framework and risk management lifecycle (e.g., maintenance, implementation, change control).
- Provide and support training and guidance to staff on GRC policies and procedures.
- Collaborate with multi-functional teams to integrate policies into business processes and technology solutions.
- Risk Management:
- Participate in the performance of internal assessments and gap analyses. Report issues and recommend corrective actions to support the maturity and effectiveness of key controls.
- Lead key performance and risk indicators (critical metrics/KRIs). Use data-driven insights to identify and respond to risks.
- Develop and maintain supervising mechanisms to ensure compliance with privacy, AI, and data governance controls. Prepare and present regular reports to senior management and collaborators.
- Maintain the risk registry, issues management and related processes.
- Support the development and/or consolidation, streamlining, simplification and execution of Privacy and AI risk management practices.
- Effectively apply risk methodologies as derived from Privacy and AI standards and protocols.
- Regulatory Compliance:
- Stay informed about global privacy, artificial intelligence, and data governance regulations, standards, and guidelines.
- Be responsible for the company's compliance with relevant laws and standards, ensuring effective implementation, monitoring and reporting.
- Develop and maintain the risk and control library.
- Maintain a solid understanding of privacy, AI, and data governance practices, tools, processes, and requirements.
- Prepare and lead audit and compliance documentation, working with internal and external auditors.
- Support various education and awareness activities.
- Technology:
- Leverage technology to integrate efficiencies and improve effectiveness of GRC processes.
- Align the DLO risk posture with the overall company risk appetite in our GRC tool.
- Support the management and integration of the GRC tool and processes.
- Leverage technology, including artificial intelligence, to automate and find efficiencies in various program controls.
- Required: 7+ years of experience in a role creating, implementing, and leading Privacy and/or AI governance, risk or compliance activities.
- Required: 5+ years of experience in leading or working on Enterprise Risk Management, Cybersecurity, Data Privacy or Compliance/Quality efforts.
- Required: Authorized to work in the United States on a full-time basis; Lilly will not sponsor work authorization or visas for this role.
- Bachelor's degree in a discipline related to risk management, information systems/computer science, information management or related field
- Required: Solid understanding of various risk management frameworks, AI and privacy laws, regulations, and standards (e.g., NIST AI RMF, NIST Privacy Framework, ISO, NIST CSF, EU AI Act, GDPR, CPRA, HIPAA).
- Preferred: Demonstrated ability to lead projects and appropriately advance issues and barriers.
- Preferred: Demon…
Position Requirements
10+ Years work experience