Job Closed
This listing is no longer active.
Enterprise cybersecurity for small and medium businesses | Specialize in defense and federal | Ask us about CMMC/DFARS
CMMC Compliance Analyst
Location
Virginia
Posted
135 days ago
Salary
$70K - $90K / year
Seniority
Mid Level
Job Description
CMMC Compliance Analyst
Sentinel Blue
• Receive, triage, and analyze compliance-related requests, documentation, and assessment findings, and work to resolve issues through research, evidence collection, and stakeholder coordination.
• Support the development and maintenance of System Security Plans (SSPs), POA&Ms, policy sets, procedures, and control documentation across client environments.
• Review client technical configurations (e.g., access controls, logging, encryption, segmentation, backup strategies) against NIST/CMMC compliance objectives and document gaps or remediation actions.
• Communicate with clients through email, chat, meetings, and interviews to gather evidence, clarify processes, and maintain progress visibility on compliance deliverables.
• Assist in the management, implementation, and validation of compliance controls across CMMC, NIST 800-171, and/or DFARS 7012.
• Contribute to internal compliance documentation templates, client-facing guidance materials, and evidence repositories that streamline audit readiness.
• Support the creation of compliance reports, risk assessments, briefs, and executive presentations that translate findings into a clear business narrative.
Job Requirements
- U.S. citizenship - by nature of our work with the defense industry, all employees must be eligible for a Secret clearance.
- 2-5 years of experience in information security, IT compliance, cybersecurity auditing, GRC, or similar roles.
- Demonstrated ability to lead and make decisions on compliance-related matters, including interpreting control intent, assessing evidence, and determining whether control requirements have been met.
- Experience reviewing and developing policies, procedures, SSPs, POA&Ms, risk assessments, or similar compliance documentation.
- Working knowledge of technical environments such as IAM, endpoint protection, logging/monitoring, vulnerability management, segmentation, and backup/recovery strategies.
- Strong written and verbal communication skills, especially when translating technical information into actionable compliance guidance.
- Ability to work independently, manage multiple client tasks, and follow structured workflows to drive compliance activities to timely completion.
- CompTIA Security+ certification is required within the first 2 months of hire.
Benefits
- Fully paid individual healthcare, vision and dental insurance for the employee.
- Paid certification and training opportunities.
- Three weeks of paid vacation + 10 paid holidays.
- A supportive environment with a focus on maintaining a healthy work-life balance.
- Retirement benefit (401k) with company match.