Senior Director – Global Cyber Compliance

Eli Lilly and Company

Senior Director of Global Cyber Compliance leading strategy and execution for compliance programs at Lilly. Transforming compliance function into a high-performing AI-enabled program that reduces regulatory risk.

Posted 5/22/2026full-timeIndianapolis • 🇺🇸 United StatesSenior💰 $157,500 - $231,000 per yearWebsite

Tech Stack

Tools & technologies

Cyber SecurityServiceNow

About the role

Key responsibilities & impact

Define and own the global cyber compliance program, establishing a clear approach that transitions the function from reactionary audits and inspections toward continuous, risk-responsive, program-aligned assurance.
Set the vision and drive execution for AI, automation and GRC platform capabilities to accelerate compliance delivery, reduce manual overhead, and improve compliance outcomes.
Own and evolve Lilly's multi-framework compliance program spanning FDA 21 CFR Part 11, GxP, ISO 27001, SOC 2, NIS2, HIPAA, CCPA, PIPL/CSL/DSL, and emerging AI/ML governance requirements across global manufacturing, research, and commercial technology environments.
Develop scope definitions for security controls and regulatory requirements that reduce task-driven overhead through technical innovation including AI and automation.
Maintain a current-state, executive-ready view of how Lilly's cyber control environment satisfies each applicable regulatory framework, clearly mapping satisfied obligations and characterizing gaps with meaningful regulatory risk analysis.
Drive effort to build and sustain inspection-ready documentation, evidence packages, and response protocols enabling confident engagement with authorities, ISO auditors, and other regulators globally with minimal lead time.

Requirements

What you’ll need

Bachelor's degree in Information Security, Computer Science, Risk Management, Operations Research, or related field
12+ years of progressive experience in cybersecurity compliance, risk management, GRC, or data operations roles within complex, global technology environments.
Experience designing and operating multi-framework compliance programs that prioritize controls based on risk rather than static regulatory checklists.
Hands-on experience implementing or operating a modern GRC platform (LogicGate, ServiceNow GRC, Archer, or equivalent) at enterprise scale.
Experience in highly regulated, multinational environments with demonstrated regulatory engagement, inspection support, and audit management success (FDA, EMA, ISO, NIS2, or equivalent).
Qualified applicants must be authorized to work in the United States on a full-time basis.

Benefits

Comp & perks

eligibility to participate in a company-sponsored 401(k)
pension
vacation benefits
eligibility for medical, dental, vision and prescription drug benefits
flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts)
life insurance and death benefits
certain time off and leave of absence benefits
well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities)

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity compliancerisk managementGRCdata operationsmulti-framework compliance programssecurity controlsregulatory requirementstechnical innovationAIautomation

Soft Skills

leadershipvision settingexecution drivingcommunicationorganizational skillsrisk analysisdocumentationengagement with authoritiesinspection supportaudit management

Certifications

Bachelor's degree in Information SecurityBachelor's degree in Computer ScienceBachelor's degree in Risk ManagementBachelor's degree in Operations ResearchISO certificationsFDA compliance certificationsNIS2 compliance certificationsSOC 2 compliance certificationsHIPAA compliance certificationsCCPA compliance certifications