• Act as the first line of contact and engagement with relevant regulators to proactively manage and mitigate the potential impact of new regulations. • Drive and/or support the establishment of horizon scanning activities and early warning signals of upcoming changes in relevant regulations. • Support the Head of Regulator Affairs & Compliance and Regulatory Compliance Managers in matters related to Regulatory Affairs & Compliance strategy. • Understand relevant laws and regulations and monitor company compliance. • Support the Regulatory Compliance Managers in performing structured assessments of our regulatory compliance. • Support the implementation of a robust regulatory compliance governance framework, including training activities. • Develop marketing materials and training programs to ensure alignment with regulatory compliance guidelines. • Perform various general administrative duties in response to regulatory compliance queries. • Support the business in responding to queries related to compliance with legal obligations. • Be a business partner to local commercial teams to facilitate the go-to-market process.

• Act as the first line of contact and engagement with relevant regulators to proactively manage and mitigate the potential impact of new regulations, reporting obligations and prudential guidelines, in a given regional portfolio, may have on our operations. • Drive and/or support the establishment of horizon scanning activities and early warning signals of upcoming and potential changes in relevant regulations in the given regional portfolio, and disseminate those internally through the appropriate channels to impacted teams. • Support the Head of Regulator Affairs & Compliance and Regulatory Compliance Managers, as may be required, in matters related to the broader Regulatory Affairs & Compliance strategy and activities in a given regional portfolio. • Understand relevant laws and regulations governing our operations, and continually monitor company compliance with new regulations, reporting obligations and prudential guidelines in a given regional portfolio. • Support the Regulatory Compliance Managers, as required, in performing structured assessments of our regulatory compliance to specific requirements and obligations in a given regional portfolio to assess our regulatory risk exposure, its significance and scope. • Support the implementation of a robust and effective regulatory compliance governance framework within the organization, including training and awareness activities to educate employees on relevant regulations and prudential guidelines and collaborate with other departments and relevant stakeholders to create a culture of regulatory compliance. • Develop marketing materials, training programs and relevant internal presentations to ensure alignment with regulatory compliance prudential guidelines in the given regional portfolio. • Perform various general administrative duties; such as gathering of internal information in response to regulatory compliance queries, and reporting obligations from relevant internal and external stakeholders. • Support the business in effectively and timely responding to queries raised by our partners, financial institutions or other third-parties, related to the compliance with our legal and contractual obligations resulting from new or existing business relationships, such as for instance third-party due diligence requirements, supplier onboarding processes, periodic reporting requirements, or any other as required. • Be a business partner to the local commercial teams to facilitate the go-to-market process in the given regional portfolio, as well as responding to existing customer queries related to existing or new regulatory requirements. • Primary responsibility for this role will be for the East Africa region, therefore the ideal candidate shall demonstrate working knowledge and understanding of the regulatory and oversight bodies, governance and operating principles within Kenya, Uganda, Ethiopia, Somalia, South Sudan and Tanzania. • Act as a regional partner to other internal assurance providers, including Internal Audit, as required, to support the delivery of activities within the scope of the Company’s combined assurance arrangements.

• Help strengthen the systems, processes, and controls that support secure and reliable energy infrastructure operations • Lead initiatives that improve regulatory readiness, cybersecurity resilience, operational continuity, and long-term infrastructure sustainability across critical operational environments • Drive NERC CIP Compliance Excellence by leading and operationalizing compliance programs across critical infrastructure • Manage compliance initiatives that support audit readiness, evidence management, remediation tracking, and regulatory reporting • Partner with internal stakeholders to maintain alignment with evolving NERC CIP standards and regulatory expectations • Collaborate with OT Security, IT, and Operations teams to improve cybersecurity controls across operational technology environments • Support vulnerability management, patch management, and baseline configuration management processes across regulated systems • Develop and improve scalable governance processes, documentation standards, and operational compliance workflows • Partner closely with technical, operational, and compliance stakeholders to align security objectives with operational priorities • Provide leadership during audits, remediation efforts, and regulatory assessments

- **Multi-state regulatory monitoring** — track changing aesthetic, medical, and licensing regulations across all OVME operating states; translate changes into operational implications for the business. - **Licensing & renewals** — own the cadence and execution of state licensing, facility licensing, and provider credentialing renewals across the network. Nothing lapses on your watch. - **MD relationships + new location signing** — partner with the Sr. Director and the operations team to secure MD relationships for new studio openings; manage the contracted state-by-state Medical Director roster. ****COMPLIANCE PROGRAMS** - **HIPAA, OSHA, privacy** — own HIPAA, OSHA, and patient privacy compliance programs across the studio network. - **Internal audit cadence** — design and run the internal audit rhythm; surface gaps proactively, not reactively. - **Adverse event documentation & reporting** — own the documentation, regulatory reporting, and trend tracking on adverse events. Clinical response sits with the Sr. Director; you own the paper trail and the reporting obligations. - **Marketing compliance review** — review marketing claims, treatment descriptions, and promotional content for regulatory and clinical accuracy before publication. ****EXTERNAL & LEGAL** - **Outside counsel liaison** — primary point of contact for OVME's outside compliance and regulatory counsel; manage the relationship and the scope of engagements.