• Serve as the primary evidence coordinator for all PCI-DSS control domains across 2-3 assigned business unit scopes, managing artifact collection from IT, operations, HR, and business unit control owners. • Maintain a continuous, audit-ready evidence repository for each assigned scope - organizing artifacts by control requirement, testing frequency, and assessment cycle. • Develop and distribute standardized evidence request packages to control owners, providing clear instructions on format, retention period, and submission deadlines. • Validate evidence submissions for completeness, accuracy, and alignment to the specific PCI-DSS v4.0 requirement being satisfied before logging in the repository. • Track evidence gaps, follow up on outstanding submissions, and escalate persistent collection failures to the ISA for stakeholder intervention. • Maintain version control and change logs for all compliance artifacts to support QSA review and year-over-year comparison. • Execute the control monitoring calendar for each assigned scope, performing or coordinating scheduled PCI-DSS control tests at daily, weekly, monthly, quarterly, and annual frequencies as defined by the ISA. • Document control test results with supporting evidence, noting pass/fail status, observations, and any exceptions identified during testing. • Track and log control exceptions, working with the ISA to initiate issue tickets and assign remediation owners through established workflows. • Coordinate and document quarterly User Access Reviews (UARs) for cardholder data environment (CDE) systems, collecting attestations from system owners and flagging any orphaned or excess access for remediation. • Support Monthly vulnerability scan cycles by coordinating scan scheduling with IT teams, collecting results, and ensuring risk ratings and remediation tickets are opened within required timeframes. • Maintain the control monitoring log and provide a monthly status summary to the ISA for KPI reporting and dashboard updates. • Support the ISA in executing the annual PCI-DSS recertification process for all assigned scopes - managing logistics, scheduling, evidence packaging, and communication with internal stakeholders throughout the assessment window. • Prepare and maintain structured evidence binders and audit response packages for each control domain, ensuring all artifacts are labeled, indexed, and traceable to specific PCI-DSS v4.0 requirements. • Track all QSA Requests for Information (RFIs) in the team's audit management system, coordinating timely responses from control owners and flagging items at risk of missing SLA to the ISA. • Maintain a master findings tracker for all assigned scopes, logging audit findings, management responses, remediation owners, target dates, and closure evidence across internal and external audit cycles. • Support the ISA in preparing Attestations of Compliance (AOCs), Self-Assessment Questionnaires (SAQs), and Report on Compliance (ROC) documentation by compiling required data and validating input accuracy. • Assist with post-audit retrospectives by compiling evidence submission timelines, RFI logs, and findings summaries for lessons-learned analysis. • Maintain and update CDE boundary diagrams, data flow diagrams, and network segmentation documentation for each assigned scope, initiating updates within 30 days of any environment change. • Maintain the risk acceptance register for assigned scopes, tracking open risk acceptances, expiry dates, residual risk ratings, and required annual reviews. • Track compensating controls for assigned scopes, ensuring each has documented rationale, compensating measures, and a current review date on file. • Monitor policy and procedure currency for assigned scopes, flagging documents approaching their review date and coordinating with the ISA and policy owners to initiate updates. • Maintain the third-party service provider compliance tracking log for assigned scopes, following up annually on AOC renewals and flagging expired certifications to the ISA. • Coordinate annual PCI-DSS awareness training delivery for control owners, IT staff, and business operations personnel within assigned scopes - tracking enrollment, completion rates, and issuing completion certificates. • Develop and maintain training attendance records and completion reports for all assigned scopes to support audit evidence requirements. • Assist the ISA in preparing control owner briefing materials, interview guides, and evidence submission instructions ahead of assessment windows. • Support onboarding of new control owners within assigned business units, walking them through evidence expectations, submission formats, and the compliance calendar.

• Conduct requirements analysis to support program planning, capability development, and strategic decision-making. • Develop and maintain requirements documentation, ensuring traceability from operational needs through implementation. • Perform capability-based assessments and gap analyses to identify opportunities for program improvement. • Support the development of requirements traceability matrices and related program documentation. • Coordinate with stakeholders to gather, validate, and prioritize operational and technical requirements. • Assist with the transition of program capabilities into formal DoD acquisition and governance processes. • Support development of capability documentation, briefing materials, and decision-support products. • Analyze program risks, dependencies, and impacts associated with evolving requirements. • Ensure alignment between program objectives, stakeholder needs, and DoD governance frameworks. • Provide analytical support, technical writing, and reporting to leadership and stakeholders.

Role Description Are you passionate about supporting clinicians, improving customer confidence and helping healthcare teams get the best from innovative medical technology? Hologic is looking for a Clinical Applications Specialist to support our Sonata® products across the Midlands, UK. This is a highly customer-facing role, ideal for someone who combines strong clinical knowledge, excellent communication skills and the confidence to train, support and partner with healthcare professionals in a dynamic environment. As one of the key points of contact for our customers, you will: - Provide advanced applications support to new and existing Sonata customers across the Midlands. - Deliver high-quality training to clinicians and healthcare teams on the effective use of Sonata products. - Support customers throughout the opportunity journey, including pre-site and site assessments. - Assist with applications troubleshooting, helping customers resolve issues efficiently and confidently. - Build strong relationships that support customer retention, satisfaction and long-term partnership. - Identify growth opportunities within existing accounts and gather insights from competitive accounts. - Capture customer feedback and insights to help inform potential product, service and training improvements. - Provide commercial and clinical applications support at conferences, trade shows and customer events. - Represent the Voice of the Customer internally, ensuring customer needs are understood and acted on. - Work closely with Sales, Field Service Engineering, Marketing, Technical Solutions and Customer Service to deliver a first-class customer experience. Qualifications - A bachelor’s degree or equivalent experience in Life Sciences, Nursing, Radiology, Healthcare, Medical Technology or a related field. - Relevant clinical experience, ideally within women’s health, gynaecology, theatre, surgical or outpatient procedure environments. - Experience supporting or training users on medical devices, capital equipment or clinical applications. - Strong understanding of clinical workflows and the needs of healthcare professionals. - Ability to develop and maintain strong product knowledge of the Sonata portfolio and associated services. - Confidence using Microsoft Office Suite. - Experience with CRM and ERP systems, ideally Salesforce and Oracle. - Awareness of UK healthcare environments, NHS and/or private sector customer needs, and relevant local accreditation or training requirements. - A full UK driving licence and the ability to travel frequently across the Midlands and, when required, further afield. Requirements - Relevant clinical, sonography, theatre, gynaecology, nursing or medical device applications experience. - Enjoy working directly with customers and solving problems in real-world healthcare settings. Benefits - Salary: £39,000 - £47,000 + bonus. The final offer will depend on experience, skills, and alignment with internal pay structures. - Comprehensive benefits package including pension and insurances.

• Support the Chief Risk and Compliance Officer in delivering the team’s objectives. • Deliver monitoring tasks aligned with the Risk and Compliance Monitoring Framework and best practices. • Support the execution of the annual Compliance Monitoring Plan. • Conduct assigned reviews and oversight activities on schedule and to high standards. • Perform ad-hoc monitoring of specific business areas as needed. • Report review results clearly and promptly to the business. • Track and escalate actions from monitoring work, ensuring timely resolution. • Use management information (MI) to identify exceptions and enhance oversight. • Provide regular reports, trend analysis, and progress updates. • Support business areas in improving monitoring review outcomes.