Role Description Provider1st is seeking a Director of Compliance to lead and scale the company’s compliance, privacy, and risk management programs in a high-growth healthcare services environment. This leader will ensure Provider1st continues to operate with the highest standards for HIPAA compliance, PHI protection, regulatory adherence, and customer trust as the business expands. The Director of Compliance will serve as the company’s internal subject matter expert for healthcare privacy, Release of Information (ROI) regulations, state-specific medical record requirements, and operational compliance across both U.S.-based and offshore teams. Key Responsibilities - Compliance Strategy & Program Leadership - Develop, maintain, and scale a comprehensive compliance program aligned with healthcare regulations, ROI industry standards, and Provider1st’s growth strategy. - Serve as the internal subject matter expert on HIPAA, HITECH, state-specific medical record laws, information blocking rules, and other regulations affecting medical record disclosure. - Create and maintain policies, procedures, controls, and governance processes that support a rapidly growing healthcare services business. - Partner with executive leadership, Operations, Customer Success, Sales, IT, and Legal to embed compliance into business processes and customer delivery. - Privacy & Regulatory Oversight - Oversee compliance with the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, and related federal and state privacy requirements. - Ensure appropriate handling of medical record requests, subpoenas, authorizations, patient requests, continuity of care requests, and payer or third-party audit requests. - Monitor regulatory changes and translate requirements into practical operating guidance for internal teams. - Provide guidance on state-specific fee schedules, turnaround time requirements, and permissible disclosures. - Risk Management, Audits & Incident Response - Design and manage internal audit programs across ROI operations, quality assurance, access controls, documentation, and customer workflows. - Lead preparation for customer audits, security reviews, compliance questionnaires, and due diligence requests. - Maintain a risk register and work cross-functionally to identify, prioritize, and mitigate compliance and privacy risks. - Lead incident response processes, including investigation, root cause analysis, corrective action planning, and breach assessment support. - Training & Compliance Culture - Build and manage company-wide compliance training for U.S. and offshore team members, including HIPAA, PHI handling, information security, and role-specific ROI requirements. - Establish annual and new-hire compliance certification processes and ensure timely completion across all applicable employees. - Promote a compliance-first culture that supports speed, accountability, and operational excellence without creating unnecessary friction. - Customer & Partner Support - Act as the primary compliance contact for customers, prospects, and partners when privacy, security, or ROI regulatory questions arise. - Support Sales and Customer Success in responding to BAAs, compliance questionnaires, security assessments, and contractual compliance obligations. - Help strengthen Provider1st’s market positioning as a trusted, secure, and compliant partner for healthcare providers. - Data Security & Operational Controls - Partner with IT and Operations to ensure secure handling of PHI across systems, workflows, and remote access environments. - Oversee access control reviews, audit logs, encryption practices, documentation standards, and offshore security protocols. - Support readiness for security and compliance frameworks such as HITRUST, SOC 2, ISO 27001, or similar programs as applicable. Qualifications - 8+ years of experience in healthcare compliance, privacy, regulatory affairs, health information management, or related roles. - Deep working knowledge of HIPAA, HITECH, healthcare data privacy requirements, and medical record disclosure regulations. - Experience in Release of Information, Health Information Management, healthcare services, provider operations, or adjacent healthcare technology/services environments. - Proven ability to build or scale compliance programs, policies, controls, and training in a growing organization. - Experience managing audits, compliance reviews, risk assessments, corrective action plans, and incident response processes. - Strong executive communication skills with the ability to translate complex regulatory requirements into practical business guidance. Preferred - Experience working with ROI vendors, provider groups, MSOs, health systems, or ambulatory healthcare organizations. - Familiarity with EMR access workflows and systems such as Epic, Oracle Cerner, eClinicalWorks, Athena, or similar platforms. - Experience supporting HITRUST, SOC 2, ISO 27001, or similar certification readiness. - Healthcare compliance certifications such as CHC, CHPC, RHIA, RHIT, CIPP/US, or similar credentials. - Experience supporting distributed or offshore operations involving PHI handling. Core Competencies - High integrity and sound judgment in handling sensitive healthcare information. - Risk-based decision making and practical problem solving. - Strong process orientation with the ability to create scalable operating rhythms. - Excellent written and verbal communication skills. - Ability to operate in a fast-growing, entrepreneurial environment with evolving priorities. - Cross-functional leadership and ability to influence without direct authority. Benefits - Health, Dental, Vision Insurance - Paid time-off (PTO) - 401(k)

• Full ownership of the game release lifecycle — from certification and production deployment to ongoing compliance and performance monitoring after launch. • Managing technical compliance certification projects under various regulations across multiple regions. • Ensuring the timely delivery of certificates as per the established plan. • Coordinating communication between external testing laboratories and internal stakeholders regarding the certification of Playson's games and components. • Maintaining compliance documentation on the xEye platform and Compliance Documentation Repository. • Creating compliance documentation for internal (Policies and Procedures, change logs) and external (Component Register, Technical Project C). • Participate in external audits according to technical standards in various jurisdictions, • Acting as the point of contact for technical compliance-related inquiries from various departments. • Support the product during the whole lifecycle

Role Description We are seeking a Director of Product Security Governance & Compliance to lead the strategy, execution, and continuous improvement of our global product security governance framework across a portfolio of cloud software, enterprise platforms, and embedded/hardware products. This role is accountable for defining policy, interpreting regulatory requirements (with emphasis on the EU Cyber Resilience Act and adjacent global regulations), and operationalizing scalable compliance across diverse product architectures and lifecycles. You will lead a team of managers and partner across engineering, firmware, hardware, legal, and go-to-market organizations to ensure consistent, auditable, and business-aligned outcomes. Responsibilities - Governance & Policy - Define and maintain a unified product security policy framework spanning cloud software, on-prem platforms, firmware, and hardware devices. - Establish control objectives and standards aligned to secure SDLC, secure firmware development, hardware root of trust, SBOM, vulnerability management, and product lifecycle security. - Ensure policies are embedded into engineering systems (CI/CD, PLM, release gates) and are measurable and enforceable. - Regulatory Leadership (EU CRA & Global) - Act as the internal authority on EU Cyber Resilience Act (CRA), including applicability to software, firmware, and connected devices. - Interpret and decompose regulatory requirements into actionable engineering, manufacturing, and support controls. - Lead enterprise-wide CRA readiness, including gap assessments, remediation programs, and technical documentation requirements (e.g., conformity assessments, CE marking support). - Monitor evolving global regulations (e.g., NIS2, RED Delegated Act, U.S. EO 14028 implications) and adapt governance strategy accordingly. - Compliance Programs & Operations - Build and scale a global product compliance program covering both software delivery pipelines and hardware manufacturing lifecycles. - Define KPIs/KRIs and maturity models; implement dashboards for executive visibility. - Oversee internal/external audits, regulatory inquiries, and evidence management across engineering and manufacturing systems. - Ensure traceability from policy → control → implementation → evidence (including SBOM, VEX, and vulnerability disclosure processes). - Leadership & Organization Development - Lead a team of managers across governance, risk, and compliance domains. - Establish operating models that scale across business units and geographies. - Drive talent development, succession planning, and organizational maturity. - Cross-Functional Partnership - Engineering (software, firmware, hardware): integrate controls into SDLC, toolchains, and design processes. - Product Management: align security requirements with product roadmaps and customer commitments. - Legal & Compliance: align regulatory interpretation, risk posture, and disclosures. - Sales & Customer Success: support customer assurance, RFPs, and contractual obligations. - Support & PSIRT: align vulnerability intake, disclosure, and remediation SLAs. - Manufacturing & Supply Chain: ensure component-level security, supplier requirements, and product integrity. - Program Management & Execution - Lead complex, multi-year regulatory and compliance programs with global scope. - Drive prioritization, risk management, and dependency resolution across a matrixed organization. - Deliver clear executive reporting on posture, risks, and remediation progress. Qualifications - 10+ years in product security, cybersecurity governance, or compliance within software and/or hardware technology companies. - 5+ years of leadership experience, including managing managers. - Demonstrated experience building governance frameworks across both software and embedded/hardware product environments. - Strong working knowledge of EU Cyber Resilience Act (CRA) and related frameworks (e.g., NIS2, ISO/IEC 27001, IEC 62443, ETSI EN 303 645). - Experience translating regulatory and standards requirements into engineering controls and operational processes. - Proven track record partnering with engineering, firmware, hardware, legal, and go-to-market teams. - Strong executive communication skills with experience presenting to senior leadership. - Deep program management experience leading large-scale, cross-functional initiatives. Preferred Qualifications - Experience in a Fortune 500 or similarly complex multinational organization. - Background in connected devices, IoT, or industrial systems. - Familiarity with SBOM generation/management, vulnerability management platforms, and secure build pipelines. - Experience supporting regulatory audits and product certifications (e.g., CE marking, FIPS, Common Criteria). - Relevant certifications (e.g., CISSP, CISM, CRISC). Leadership Profile - Strategic and systems-oriented thinker with strong execution discipline. - Comfortable operating in ambiguity and driving structure at scale. - Influential leader capable of aligning global stakeholders without direct authority. - Data-driven with strong risk prioritization and decision-making skills. - Clear communicator who translates technical and regulatory requirements into business impact. Benefits - Medical, dental and vision. - Health Savings Account. - Health Care and Dependent Care Flexible Spending Accounts. - Life, Accident, Disability insurance. - Business Travel Accident and Business Travel Health. - 401(k) Plan. - Flexible Time Off, Paid Holidays. - Paid Family Leave. - Discounts, Perks. - Tuition Reimbursement. - Adoption Assistance. - ESPP (Employee Stock Purchase Plan).

Role Description Your work will change lives. Including your own. The Impact You’ll Make: Recursion is at the forefront of reimagining drug discovery and development through broadening the funnel of potential targets, using technology and standardization to build connected data, and superlinearly scaling our efforts to accelerate the delivery of high-potential drug candidates to the clinic. We are seeking an Associate Director of Regulatory Affairs who will play a critical role in supporting global regulatory strategy, overseeing processes, and identifying and managing regulatory risks for the assigned programs. In this role, you will: - Build: Intra- and inter-team relationships and collaborate in a global team environment at all levels of the organization to ensure management of regulatory strategy and activities in all applicable regulatory jurisdictions (e.g. EU, US, UK) for the global development of products through all stages of development and post-approval. Participate in global product team meetings; provide regulatory support and guidance and manage day-to-day regulatory activities. - Manage: Complex issues and coordinate multiple projects simultaneously in a time-sensitive fashion while practicing sound judgment as it relates to risk assessment (immediate and long-term impact on program). - Create: Follow procedures for regulatory execution and implementation of regulatory strategies while actively supporting program leads via the Clinical Study Teams (CSTs) to deliver on business objectives for assigned products/programs (e.g. clinical trial applications, marketing authorization applications, orphan drug designation applications, pediatric submissions, etc.). Create, collaborate and comply with disclosure and transparency policies for applicable jurisdictions. - Collaborate: With strategic operations and other functions (e.g. Clinical, Commercial, Medical Affairs, amongst others) to provide regional regulatory insight for futuristic planning and considerations for the program. - Serve: As needed, as the point of contact with relevant Health Authorities and/or lead interactions with such authorities or other relevant external stakeholders. - Review: And interpret regulatory guidelines and create a communication plan to distribute relevant impact assessment. Creatively think outside the box on how to influence and shape the future of regulatory sciences as it relates to the use and validation of unprecedented use of technology to develop drugs effectively for faster paths to patients. - Learn: Keep current with regulations and guidance documents; attend meetings, seminars, conferences on relevant topics; read journals, newsletters, scientific papers; research the answers to RA questions. Represent regulatory function and demonstrate respectful behavior, leadership, ethics, and transparency. Qualifications - A minimum of 10 years in the pharmaceutical industry with a minimum of 8 years in Global Regulatory Affairs, experience with major Health Authority (US FDA, Health Canada, UK MHRA, and EMA) is mandatory. - Minimum of 8 years experience with regulatory submissions (e.g. Investigational New Drug Applications (INDs), New Drug Applications (NDA/NDS/MAA), post-marketing measures, Pediatric Investigation Plans (PIP)/(PSP) and Orphan Drug Designation (ODD), Breakthrough Designation (BTD), EU PRIME activities) are mandatory. - Strong understanding of regulatory strategy and implementation of operational activities. - Outstanding management, interpersonal, communication, negotiation, and problem-solving skills. - Demonstrated proficiency in organizational awareness, including experience working cross-functionally and on global teams. Requirements - This role is remote-friendly, with most work conducted from home. - There may be occasional opportunities or expectations for travel to our Salt Lake City headquarters or other office locations. - Estimated current annual base range for this role is $176,400 - $207,500 (USD). - You will also be eligible for an annual bonus and equity compensation, as well as a comprehensive benefits package. Benefits - Annual bonus and equity compensation. - Comprehensive benefits package. Company Description Recursion (NASDAQ: RXRX) is a clinical-stage TechBio company decoding biology to radically improve lives. Recursion is advancing a portfolio of differentiated investigational medicines across its wholly owned and partnered pipeline in oncology, rare disease, neuroscience, immunology, and other therapeutic areas with significant unmet need. Enabling its mission is the Recursion OS, an AI-native, end-to-end drug discovery and development platform integrating biology, chemistry, and clinical development into a unified intelligence system. Powered by proprietary multimodal data, purpose-built AI models, and bilingual teams fluent in both science and AI, the Recursion OS is designed to translate complex science into medicines that matter — faster, better, and at scale — for patients who are waiting. Recursion’s platform infrastructure is anchored in Salt Lake City, Utah and Milton Park, Oxfordshire, where its automated biology and chemistry laboratories generate proprietary data at industrial scale. Recursion also maintains offices in New York, Montréal, and London, three global hubs for talent and leadership at the intersection of AI and scientific innovation.