IT Compliance Manager

Crinetics is a pharmaceutical company based in San Diego, California, developing much-needed therapies for people with endocrine diseases and endocrine-related tumors. We were founded by a dedicated team of scientists with the simple belief that better therapies developed from rigorous innovation can lead to better lives. Our work continues to make a real difference in the lives of patients. We have a prolific discovery engine and a robust preclinical and clinical development pipeline. We are driven by science with a patient-centric and team-oriented culture. Crinetics is known for its inclusive workplace culture. We are also a dog-friendly workplace. This is an exciting time to join Crinetics as we shape our organization into the world’s premier fully-integrated endocrine company from discovery to patients. Join our team as we transform the lives of others.

Position Summary:

The IT Compliance Manager is responsible for overseeing and supporting all IT compliance activities within the organization. This role ensures adherence to internal policies, external regulations, and industry best practices, particularly in areas such as Computer System Validation (CSV), IT vendor audits, computer system periodic reviews, and compliance with regulations including SOX (Sarbanes-Oxley Act). The IT Compliance Manager also collaborates with IT operations to maintain a secure and compliant technology environment.

Essential Job Functions and Responsibilities:

These may include but are not limited to:

• Coordinate and execute computer system validation (CSV) processes to ensure systems meet regulatory and business requirements.
• Maintain documentation and records to demonstrate compliance with applicable standards and regulations.
• Participate in planning, conducting, and following up on IT vendor audits to ensure vendors comply with contractual and regulatory requirements.
• Evaluate audit findings and work with vendors and internal teams to implement corrective actions.
• Schedule and perform regular reviews of computer systems to verify ongoing compliance.
• Identify and address any compliance gaps or risks discovered during reviews.
• Monitor and interpret changes in relevant regulations, such as SOX, GDPR, HIPAA, and others impacting IT operations.
• Develop and update policies and procedures to ensure ongoing compliance with new and evolving regulatory requirements.
• Partner to ensure that AI systems, from development to deployment, follow laws, regulations, and ethical and data privacy standards including GDPR, HIPAA, EU AI Act, the FTC Act and emerging AI-specific guidelines in various jurisdictions, and aligning with frameworks such as the ISO/IEC 42001 standard. 
• Work closely with IT operations to ensure compliance is integrated into daily workflows and system management.
• Provide guidance and training to IT staff on compliance practices and regulatory obligations.
• Identify, assess, and mitigate compliance risks associated with IT systems and processes.
• Report on risk status and remediation progress to senior management.
• Prepare for and support internal and external audits related to IT compliance.
• Generate reports on compliance activities, findings, and corrective actions for management review.
• Other duties as assigned.

Education and Experience:

Required:

• Bachelor’s degree in Information Technology, Computer Science, or related field.
• 8+ years of experience in IT compliance, IT audit, or related roles.
• Strong knowledge of CSV, SOX, and other relevant regulations and standards.
• Experience conducting audits and periodic reviews of IT systems and vendors.
• Excellent organizational, communication, and analytical skills.
• Collaborative mindset and experience working with cross-functional teams.
• Ability to interpret and apply complex regulations.
• Attention to detail and commitment to regulatory compliance.

Preferred:

• Relevant certifications (e.g., CISA, CISSP, CRISC) are a plus

Physical Demands and Work Environment:

Physical Activities: On a continuous basis, sit at desk for a long period of time; intermittently answer telephone and write or use a keyboard to communicate through written means. Some walking and lifting up to 25 lbs. may be required. The noise level in the work environment is typically low to moderate. The physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions and responsibilities of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and responsibilities.

Laboratory Activities (if applicable): Biology and chemical laboratory environment experience needed. Environmental health and safety requirements also apply.

Travel:

You may be required to travel for up to 5% of your time.

Equal Opportunity Employer:

Crinetics is proud to be an Equal Opportunity Employer. We provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of sex, sexual orientation, gender (including gender identity and/or expression), pregnancy, race, color, creed, national or ethnic origin, citizenship status, religion or similar philosophical beliefs, disability, marital and civil union status, age, genetic information, veteran status or any personal attribute or characteristic that is protected by applicable local, state or federal laws.

Salary Range

In addition to your base pay, our total rewards program consists of a discretionary annual target bonus, stock options, ESPP, and 401k match. We also provide top-notch health insurance plans for employees (and their families) to include medical, dental, vision and basic life insurance, 20 days of PTO, 10 paid holidays, and a winter company shutdown.