• The Director of Quality Assurance (QA) Systems is responsible for ensuring the validation, integrity, and compliance of systems across Precision for Medicine (PFM) • Oversees the development, implementation, and maintenance of QA strategies and processes that support regulatory requirements, industry standards, and internal policies • Leads cross-functional teams to ensure systems are validated, documented, and maintained in a state of control • Manage risk-based Computer System Validation planning and execution, aligned to regulatory guidelines • Establish and enforce QA policies and procedures for PFM systems • Input to the Application Development Lifecycle (ADLC) processes to represent regulated technologies • Serve as the primary liaison with regulatory agencies and third parties for system-related audits and inspections

• Oversee the PFM risk-based Computer System Validation planning and execution (e.g., Validation Plans, Requirements Traceability Matrix, IQ/OQ/PQ, UAT), aligned to 21 CFR Part 11, EU Annex 11, ICH E6(R3) GCP, GLP, and data integrity principles (ALCOA++). • Ensure all computerized systems are validated according to internal SOPs and regulatory expectations. • Maintain a robust risk-based approach to system validation and lifecycle management by assuring periodic review, change control, configuration management, and release readiness for validated systems. • Supports lifecycle controls from implementation through decommissioning. • Establish and enforce QA policies and procedures for PFM systems. Provides input to the Application Development Lifecycle (ADLC) processes to represent regulated technologies • Monitor compliance trends and implement continuous improvement initiatives. • Serve as the primary key liaison with regulatory agencies and third parties for system-related audits and inspections. • Supports the maintenance of inspection ready validation documentation • Partner with Security, Development, PMO, BRM, Business Analysts, DevOps, Clinical Ops, and Lab leaders to prioritize QA activities and embed quality into SDLC/DevOps pipelines • Act as a key liaison with regulatory agencies during inspections related to corporate systems. • Deliver training and coaching on validation, testing, and data integrity for system owners and study teams • Partake to the qualification of data/system service providers • Ensure accurate and timely documentation of validation activities, deviations, and corrective actions. • Provide regular compliance reports and metrics to senior leadership. • Maintain audit readiness for all corporate systems. • Collaboratively work with IT to respond to audit findings.

• Work under the guidance of more experienced team members • Deliver network and cloud assessments • Build core skills, learn methodologies, tools, and reporting standards • Utilize system administration skills for vulnerability scanning, configuration assessments, and testing infrastructure improvements • Develop skills necessary to become a penetration tester

• The Penetration Testing Engineer – Application Security is a mid-level role for a tester who has grown beyond the basics and can independently execute penetration tests within a primary domain of expertise. • Engineers are offensive security subject matter experts – conducting full assessments with minimal supervision, contributing to methodology improvements, and acting as a point of contact for clients during engagements. • By this stage, they are capable of scoping and planning a test in their domain, executing tests, and producing and communicating detailed reports with practical remediation advice. • Mid-level testers act as the technical client focal within engagements, leading technical execution for assigned projects.