Insulet Corporation
Head of Technology Governance Risk Compliance (GRC) - (Hybrid - San Diego, CA or
Insulet Corporation, San Diego, California, United States, 92189
The Head of Technology (GRC) reports directly to the Chief Information Security Officer and plays a pivotal role within Insulet’s Chief Technology Office (CTO). This executive will lead an enterprise-wide function that encompasses Information Security, Governance, Technology
Risk, and Compliance (GRC), with strategic oversight of internal systems, customer-facing platforms, and clinical data environments. The role includes direct management of senior leaders and tight partnership with leadership across Finance, Global Operations, International Commercial, Product functions, along with other internal compliance and audit functions.**Responsibilities**
Overseeing self-assessments, escalating decisions and escalations per requirements, to drive decisions, and risk reduction. Design and implement a robust Three Lines of Defense (3LOD) framework, clearly delineating roles and responsibilities across business units, risk management, and internal audit to enhance accountability, risk ownership, and assurance effectiveness in alignment with industry best practices. Oversee enterprise-wide security awareness and training programs, including phishing simulations and compliance education. Develop budgets and resource requirements for direct reporting teams **Required Leadership/Interpersonal Skills & Behaviors**Demonstrated ability to influence across the enterprise, including ELT and Board-level stakeholders, to drive alignment and accountability for risk and compliance outcomes.**Required Skills and Competencies**Strong executive presence with the ability to translate complex risk and compliance issues into actionable business insights for C-level and Board audiences. Experience leading enterprise-wide GRC programs that span cybersecurity, privacy, product security, and data governance. Experience with GRC platforms and automation tools (e.g., Archer, ServiceNow GRC, OneTrust).Familiarity with cloud security compliance frameworks (e.g., CSA CCM, FedRAMP, HITRUST for cloud). Experience integrating cybersecurity with enterprise risk management, privacy, and product lifecycle governance. Demonstrated ability to apply a methodical, risk-based approach to evaluating and governing the use of AI technologies across the enterprise. **Education and Experience** 15–20+ years of progressive experience in information security, risk management, or IT audit, with at least 5 years in a senior GRC leadership role. Proven experience leading global GRC teams and managing complex compliance programs in highly regulated industries (e.g., healthcare, medtech, financial services)Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet’s flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.
We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!At Insulet Corporation all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.() #J-18808-Ljbffr
Risk, and Compliance (GRC), with strategic oversight of internal systems, customer-facing platforms, and clinical data environments. The role includes direct management of senior leaders and tight partnership with leadership across Finance, Global Operations, International Commercial, Product functions, along with other internal compliance and audit functions.**Responsibilities**
Overseeing self-assessments, escalating decisions and escalations per requirements, to drive decisions, and risk reduction. Design and implement a robust Three Lines of Defense (3LOD) framework, clearly delineating roles and responsibilities across business units, risk management, and internal audit to enhance accountability, risk ownership, and assurance effectiveness in alignment with industry best practices. Oversee enterprise-wide security awareness and training programs, including phishing simulations and compliance education. Develop budgets and resource requirements for direct reporting teams **Required Leadership/Interpersonal Skills & Behaviors**Demonstrated ability to influence across the enterprise, including ELT and Board-level stakeholders, to drive alignment and accountability for risk and compliance outcomes.**Required Skills and Competencies**Strong executive presence with the ability to translate complex risk and compliance issues into actionable business insights for C-level and Board audiences. Experience leading enterprise-wide GRC programs that span cybersecurity, privacy, product security, and data governance. Experience with GRC platforms and automation tools (e.g., Archer, ServiceNow GRC, OneTrust).Familiarity with cloud security compliance frameworks (e.g., CSA CCM, FedRAMP, HITRUST for cloud). Experience integrating cybersecurity with enterprise risk management, privacy, and product lifecycle governance. Demonstrated ability to apply a methodical, risk-based approach to evaluating and governing the use of AI technologies across the enterprise. **Education and Experience** 15–20+ years of progressive experience in information security, risk management, or IT audit, with at least 5 years in a senior GRC leadership role. Proven experience leading global GRC teams and managing complex compliance programs in highly regulated industries (e.g., healthcare, medtech, financial services)Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet’s flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.
We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!At Insulet Corporation all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.() #J-18808-Ljbffr