• Develop, maintain, and enforce compliance programs aligned with relevant standards (e.g., ISO, SOC 2 Type 2, GDPR, CMMC, NIST, CSF) consistent with the types of frameworks referenced across internal compliance dashboards. • Monitor regulatory updates and ensure policies and processes remain current. • Lead internal and external audits; prepare evidence and coordinate responses. • Ensure documentation aligns with legal and regulatory requirements, leveraging document control best practices. • Conduct ongoing risk assessments and collaborate with IT/Security teams to identify vulnerabilities — echoing risk assessment processes. • Develop mitigation plans, track corrective actions, and report risk posture to leadership. • Maintain centralized compliance dashboards and metrics. • Develop, revise, and publish corporate policies, procedures, and standards. • Ensure employees and vendors follow defined processes and frameworks. • Own library management and workflow processes. • Oversee training programs to ensure compliance with required regulations. • Partner with HR and department leads to improve compliance culture. • Track and report training completion, certifications, and recurring requirements. • Manage documentation repositories, version control, and audit trails. • Maintain readiness for customer, regulatory, and certification audits. • Produce and maintain evidence of compliance on demand. • Work closely with IT, Security, Legal, Client Success, and Operations teams. • Serve as a compliance subject matter expert in client discussions when needed. • Support incident response processes and post incident compliance documentation.

• Maintain deep, current expertise in U.S. and global life sciences compliance requirements related to HCP/HCO engagements, interactions, and transparency reporting • Serve as the primary compliance advisor for SE customers, providing guidance on regulatory interpretation, risk mitigation, and industry benchmarking • Anticipate compliance trends, emerging regulations, and evolving industry expectations; translate updates into actionable internal recommendations • Develop and maintain an expert-level understanding of the Stakeholder Engagement product—including configuration, workflows, data dependencies, reporting logic, and upcoming roadmap features • Evaluate how product enhancements, defects, or configuration choices affect customer compliance obligations, data integrity, and operational workflows • Partner closely with Product and Engineering to provide compliance input on roadmap planning, requirement definition, and release readiness • Work closely with Implementation and Customer Success teams to ensure customers are configured and supported in a manner consistent with compliance expectations and best practices • Support Sales as the compliance SME during demos, RFPs, prospect discussions, and conference participation • Contribute to the design and delivery of internal training programs, playbooks, and knowledge-based content to elevate organizational expertise on compliance and SE product requirements • Build trusted, long-term relationships with customers, acting as their strategic compliance advisor and escalation point for complex issues • Proactively engage customers to understand evolving business needs, pain points, and strategic objectives; translate insights into product or process improvements • Participate in key customer meetings, governance forums, and business reviews to reinforce alignment and demonstrate product and compliance leadership • Lead or participate in specialized compliance engagements, including assessments, audits, policy reviews, customized training, and best-practice consultations • Represent the organization at industry conferences, webinars, and professional associations to strengthen brand reputation and support commercial growth • Develop thought-leadership content (whitepapers, presentations, guidance documents) to support customers and internal teams

• Maintain and improve information security policies, standards, procedures, control documentation, and related governance materials. • Help map policies and controls to frameworks such as SOC 2, ISO 27001/27002, HITRUST, NIST CSF 2.0, and other customer, regulatory, or security requirements. • Support policy exceptions, risk acceptances, remediation tracking, control owner follow-ups, and recurring governance workflows. • Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, evidence collection, auditor coordination, and audit response management. • Maintain recurring evidence-gathering and control testing workflows, helping ensure controls operate consistently across the business. • Track audit findings, control gaps, remediation plans, owners, due dates, and closure evidence. • Support risk assessments, control gap assessments, internal reviews, and maintenance of the risk register. • Translate technical and security risks into clear business language, including mitigations, ownership, timelines, and residual risk. • Own or support customer security questionnaires, RFP security sections, due diligence requests, and trust or compliance documentation. • Maintain reusable questionnaire content, approved responses, compliance artifacts, and customer-facing assurance materials. • Support employee security awareness programs and create clear internal guidance for policies, controls, and compliance responsibilities. • Support vendor security reviews, third-party risk assessments, remediation tracking, risk acceptance documentation, and vendor compliance evidence. • Use GRC platforms such as Vanta, Drata, Thoropass, Secureframe, or similar tools to improve evidence collection, control monitoring, task tracking, reporting, and repeatable compliance operations.

• Monitor and interpret gambling regulations across multiple jurisdictions. • Support licensing activities, audits, regulatory filings, and reporting. • Coordinate responses to regulators and maintain compliance records. • Advise internal teams on compliance obligations and regulatory requirements. • Lead and maintain the company’s data protection framework and GDPR compliance. • Improve privacy processes, policies, and internal controls.