Position Description:
About Mathematica:

Mathematica applies expertise at the intersection of technology, data, methods, policy, and practice to improve well-being around the world. We collaborate closely with public- and private-sector partners to translate big questions into deep insights that improve programs, refine strategies, and enhance understanding using technology and advanced analytics. Our work yields actionable information to guide decisions in wide-ranging policy areas, from health, education, early childhood, and family support to nutrition, employment, disability, and international development. Mathematica offers our employees competitive salaries, and a comprehensive benefits package, as well as the advantages of being 100 percent employee owned. As an employee stock owner, you will experience financial benefits of ESOP holdings that have increased in tandem with the company’s growth and financial strength. You will also be part of an independent, employee-owned firm that is able to define and further our mission, enhance our quality and accountability, and steadily grow our financial strength. Read more about our benefits here: https://www.mathematica.org/career-opportunities/benefits-at-a-glance

About the opportunity:

Mathematica is seeking a Corporate Compliance Program Director to serve as the Corporate Compliance Officer. In this role, the Corporate Compliance Program Director will oversee and maintain Mathematica’s corporate compliance program.  The Director is responsible for ensuring the effective management of all corporate compliance program activities, including the planning, implementation and monitoring of the Corporate Compliance Program. The Corporate Compliance Program Director regularly reports to the company’s Business Ethics and Compliance Committee that reports to the Audit Committee of the Board.  

The ideal candidate will possess a strong background in compliance management, deep subject matter expertise in data security and privacy laws, regulations and standards, proven experience advising on compliance risk and providing compliance risk assessments.

Core Responsibilities

1.       Corporate Compliance Program Oversight and Maintenance:

• Oversee and maintain the company's corporate compliance program, policies, and procedures.
• Prepare regular compliance reports for senior management and the board of directors.
• Maintain comprehensive and up-to-date documentation of compliance activities.
• Serve as the primary point of contact for staff, auditors, and other relevant parties with respect to the company’s corporate compliance program and policies.

2.       Guidance on Compliance Policies:

• Provide guidance to staff on the application of the company’s compliance policies, particularly assessment and guidance on potential organizational conflicts of interest.
• Ensure the provision of relevant information for Corporate Compliance Program disclosures to current and potential clients and partners.
• Oversees systems and processes to ensure accurate and timely ethics and conflicts of interest disclosures, including overseeing the maintenance and development of data systems that support this function.
• Advise proposal and project teams regarding potential organizational conflicts of interest. Provides analysis and assessment of organizational conflicts of interests, including drafting mitigation plans.
• Advise on potential compliance risks and vulnerabilities and develop strategies to mitigate them, particularly as related to potential organizational conflicts of interest.

3.        Compliance Monitoring, Reporting, Investigation Processes:

• Working with the company’s internal audit team, maintain systems for ongoing corporate compliance monitoring and auditing.
• Maintain the company’s policies and procedures relating to the investigation of corporate compliance policy violations.
• Support the investigation of reported violations of the company’s corporate compliance policy.

4. Training and Education:

• Coordinate, oversee and monitor the need for compliance training programs for employees at all levels.
• Promote a culture of compliance and ethics throughout the organization.

5.   Serve as Corporate Level Subject Matter Expert In Data Security Compliance

• Working closely with the company’s Senior Privacy Attorney, and Information Technology Services (ITS) team to support the development, implementation of new technologies  and oversight of the systems and processes that facilitate timely review of data use and sharing agreements.
• Provide subject matter expert review with respect to data security compliance of corporate level agreements, including guidance in more complex data security incident and cybersecurity investigations.
• Leverage subject matter expertise to solve complex cross-function or enterprise level tasks or issues intersecting with data security and privacy.
• Assist in developing corporate policies and implementing new technologies to support compliance with evolving data security and privacy regulations.
• Serve as corporate level data security and compliance subject-matter expert, advising on compliance with contractual data security obligations under applicable federal, state and foreign legislation, including technical compliance with FISMA, NIST and other regulatory/legal information security requirements (e.g., FERPA, HIPAA, Privacy Act).
• Act as Data Privacy Officer under the General Data Protection Regulation (GDPR) or other similar foreign privacy framework when applicable, working with the Company’s Senior Privacy Attorney, to ensure compliance.
• Interact directly with Mathematica data provider partners to  achieve customer, operational, and/or project objectives.
• Actively support the advancement of organizational diversity, equity, and inclusion efforts, and applies diversity, equity, and inclusion lens across job responsibilities.
• Additional duties may be assigned as needed.

Position Requirements:

• Bachelor's degree in business, law, or a related field; Master's degree or JD preferred
• A minimum of 10 years of relevant experience in compliance management.
• Subject matter expertise in information technology, privacy and security
• In-depth knowledge of industry-specific regulations and best practices.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent communication and leadership abilities.
• Detail-oriented with a focus on accuracy and thoroughness.
• Demonstrated ability to lead and motivate cross-functional teams.