• Define, document, and maintain shared commercial definitions (e.g., clinician taxonomy, test type, account hierarchy, product grouping) to ensure all teams measure performance the same way • Partner with Finance to align on how GeneDx tracks growth, performance, and market share across specialties and market segments • Collaborate with Data Engineering to design and implement data warehouse structures that support reliable, scalable analytics • Establish governance standards, version control, and documentation so that definitions are transparent, accessible, and easy to update • Build and manage the process for reviewing and approving definition changes in coordination with Sales Ops and other stakeholders • Act as the primary liaison between Finance, Commercial Analytics, Sales Ops, and Data Engineering to ensure consistency in data definitions and methodologies • Partner with Product and Data teams to ensure updates flow correctly into Tableau and other reporting systems • Identify and resolve data discrepancies across systems, ensuring accuracy and alignment between Finance, Sales Ops, and Analytics reporting • Assist in evaluating external vendors/data sources • Supports Commercial Operations in advancing the overall data and analytics infrastructure strategy • Assist with high-impact ad hoc analyses across Sales Ops, Analytics, Marketing, CX • Serve as a cross-functional analytics partner who understands key Commercial Ops functions and can step in to support critical analyses and priorities as needed • Drive automation opportunities to reduce manual work and increase scalability.

• Identifying, capturing, and maintaining project risks, issues, and opportunities in the risk register. • Facilitating risk workshops with project teams, contractors, and SMEs to gather inputs and validate assumptions. • Preparing risk reports, dashboards, and executive summaries to inform project controls and leadership reviews.

• Identifying, capturing, and maintaining project risks • Facilitating risk workshops with project teams and SMEs • Performing qualitative assessments and contributing to quantitative risk analysis • Tracking mitigation actions and ensuring accountability • Preparing risk reports and executive summaries • Monitoring emerging risks and changes in project scope • Supporting schedule risk reviews

Key Responsibilities: · **TPRM Proposals & Strategy**: Lead the development of TPRM and GRC proposals, defining scope, delivery models, governance structures, and operating models and design enterprise-level Third Party Risk Management strategies aligned with regulatory, operational, and cyber risk requirements. · **Client Engagement Leadership**: Lead and manage complex client engagements in Third Party Risk Management, vendor risk, and GRC and act as engagement lead and trusted advisor for executive stakeholders (CISO, CRO, Risk, Compliance, Procurement, Legal). In addition to that ensure successful delivery of TPRM services including assessments, frameworks, tooling, and operationalisation. · **Security Assessment & Audit Leadership**: Lead third-party security assessments, audits, and assurance activities and define assessment methodologies, risk scoring models, control frameworks, and reporting structures as well as oversee supplier due diligence, onboarding risk processes, and continuous monitoring programmes. · **Technical & Methodological Authority**: Serve as subject matter expert for TPRM, GRC platforms, and vendor risk methodologies and provide leadership in the use of GRC and TPRM tooling (e.g. OneTrust, Archer, ServiceNow GRC, similar platforms). · **Framework Design & Governance:** Design and implement scalable Third Party Risk frameworks, policies, standards, and operating models and align TPRM frameworks with industry standards and regulatory requirements (e.g. ISO 27001, NIST, SOC2, GDPR, DORA, NIS2). · **Project, Delivery & Programme Leadership**: Act as Project Manager, Delivery Lead, and Programme Lead for large-scale TPRM initiatives and manage multi-stream delivery, dependencies, risks, and stakeholder alignment. · **Team Leadership & Management**: Lead, mentor, and develop a team of consultants (up to 5 direct reports) and build high-performing delivery teams and ensure capability development in TPRM and GRC. · **Risk & Compliance Management:** Identify, assess, and manage third-party risks across cyber, operational, regulatory, and reputational domains and advise clients on risk treatment strategies, remediation plans, and control improvements. · **Continuous Improvement & Innovation**: Drive continuous improvement in TPRM methodologies, delivery models, and service offerings and stay current with regulatory developments, emerging risks, and industry best practices in third-party risk and supply chain security.