Alnylam Pharmaceuticals

Sr. Director, Governance, Risk & Compliance

Alnylam Pharmaceuticals
$229K — $310K *
Healthcare
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a relevant field; advanced degree preferred.
  • 15+ years in cybersecurity, risk management, compliance, or audit.
  • 10+ years of leadership experience in GRC or compliance teams.
  • Deep knowledge of NIST CSF and other regulatory frameworks.
  • Experience in regulated environments like biotech or pharma.
  • Strong communication skills for executive-level interactions.
  • Industry certifications such as CISSP or CISM preferred.

Responsibilities

  • Lead and evolve Alnylam's enterprise GRC program.
  • Define and execute a multi-year cyber risk and compliance roadmap.
  • Own the cyber risk management lifecycle from identification to reporting.
  • Establish security governance frameworks and policies.
  • Oversee compliance related to HIPAA, SOX, and FDA regulations.
  • Lead audits and manage findings and remediation plans.
  • Build and lead a high-performing GRC organization.

Benefits

  • Comprehensive medical, dental, and vision coverage.
  • Life and disability insurance.
  • Flexible spending and health savings accounts.
  • 401(k) with a generous company match.
  • Paid time off, wellness days, and holidays.
  • Two company-wide recharge breaks.
  • Generous family resources and leave.

Full Job Description

Overview

Reporting directly to the VP/CISO, this leader will own Alnylam's enterprise cyber risk management, regulatory compliance, and security governance programs. The Senior Director will be accountable for establishing a scalable, risk-driven GRC operating model aligned with NIST CSF v2.0, Alnylam's enterprise risk management (ERM) program and applicable biotech and pharmaceutical regulations. This role balances strategic leadership with hands-on execution, partnering across the business and IT functions.

This is a hybrid role primarily based in our Cambridge, MA office.

Responsibilities
  • Lead and evolve Alnylam's enterprise GRC program.
  • Define and execute a multi-year cyber risk and compliance maturity roadmap aligned to NIST CSF v2.0, enterprise risk management (ERM), regulatory requirements, and business priorities.
  • Own the cyber risk management lifecycle, including risk identification, assessment, prioritization, treatment, and executive-level reporting.
  • Establish and maintain security governance frameworks, policies, standards, and exception management processes.
  • Provide cybersecurity governance and risk oversight for GxP-regulated systems, ensuring alignment with data integrity, validation expectations, IT SDLC practices, and quality requirements across research, clinical, manufacturing, and quality operations.
  • Ensure security policies, standards, and risk decisions appropriately account for validated system constraints, change control requirements, and inspection readiness.
  • Oversee regulatory and compliance activities related to HIPAA, SOX, FDA-adjacent biotech regulations, computer system validation (CSV), privacy requirements, and emerging regulations (e.g., NIS2).
  • Lead internal and external audits, inspections, and assurance activities, including management of findings, remediation plans, and executive reporting.
  • Own and mature the third-party risk management (TPRM) program.
  • Embed cybersecurity risk considerations into system lifecycle and validation activities.
  • Define and track risk-based metrics and key risk indicators (KRIs) focused on outcomes, maturity, and remediation effectiveness rather than control volume.
  • Build and lead a high-performing GRC organization, fostering a culture of accountability, rigor, and strong cross-functional partnership.
  • Deliver clear, actionable executive- and board-level reporting.

Qualifications
  • Bachelor's degree in a relevant field; advanced degree (MBA, Master's, JD) preferred.
  • 15+ years of progressive experience in cybersecurity, risk management, compliance, or audit.
  • 10+ years of leadership experience building and leading GRC, risk, or compliance teams.
  • Deep knowledge of NIST CSF, NIST 800-53, ISO 27001, and ERM frameworks.
  • Experience operating GRC programs in regulated environments such as biotech, pharma, healthcare, or life sciences.
  • Strong ability to translate complex risk topics for executive and board-level audiences.
  • Industry certifications such as CISSP, CISM, CRISC, or CISA strongly preferred.
  • Proven ability to influence across Security, IT, Legal, Audit, and business stakeholders.

U.S. Pay Range

$229,500.00 - $310,500.00

The pay range reflects the full-time base salary range we expect to pay for this role at the time of posting. Base pay will be determined based on a number of factors including, but not limited to, relevant experience, skills, and education. This role is eligible for an annual short-term incentive award (e.g., bonus or sales incentive) and an annual long-term incentive award (e.g., equity).

Alnylam's robust Total Rewards package is designed to support your overall health and well-being. We offer comprehensive benefits including medical, dental, and vision coverage, life and disability insurance, a lifestyle reimbursement program, flexible spending and health savings accounts, and a 401(k) with a generous company match. Eligible employees enjoy paid time off, wellness days, holidays, and two company-wide recharge breaks. We also offer generous family resources and leave. Our commitment to your well-being reflects our belief that caring for our people fuels the impact we create together.

Learn more about these and additional benefits offered by Alnylam by visiting the Benefits section of the Careers website: https://www.alnylam.com/careers

About Alnylam Pharmaceuticals

Alnylam Pharmaceuticals is a biotechnology company that focuses on RNA interference (RNAi) therapeutics. The company's products are designed to silence specific genes that cause diseases. Alnylam's pipeline includes products for the treatment of genetic, cardio-metabolic, and hepatic infectious diseases. The company was founded in 2002 and is headquartered in Cambridge, Massachusetts.

  • Size: 1,665 employees
  • Market Cap: $28.7 billion
  • Industry
  • Net Income: -$858.2 million
  • Founded: 2002
  • 5 Year Trend: +78.1%
  • Revenue: $492.8 million
  • NASDAQ
