Risk & Compliance Specialist (Med Tech/SaMD)

Location

• Dublin or UK  based 
• Occasional Travel to Dublin office if Ireland based (Glasnevin) or UK if UK based  (Kidlington) as well as USA 
  

This role is not what the title suggests. Please read this before you apply.

If you have spent your career in banking, financial services, or insurance - and you are looking for more of the same, this role is not for you.

Deciphex  are a medtech company.  Our risk landscape spans AI-powered medical software, clinical services in the UK and US, global commercial contracts, investor ESG obligations, and a multi-entity supply chain. 

The person we are hiring will sit at the centre of all of it. Not as a specialist in one domain, but as the person who connects the dots across all of them.

There is no team beneath this role. This is a very hands on operational individual contributor role. There are some established playbooks to follow. Others you will build from scratch. 

There is real ownership, real variety, and real exposure to a company scaling fast in a genuinely complex industry. If that excites you more than a defined lane, keep reading.

Role Purpose

• To execute the operational risk and compliance, Insurance & ESG workload for the Deciphex Group under the direction of the CRCO. 
• The CRCO sets direction and owns the framework. You make it work day to day basis. 
• This role is the operational engine of the function.
• This is a hands-on execution role.
• There is NO strategic, policy-setting, board, or regulator-facing element.

Core Workstreams 

You will own the operational delivery of our Group risk and compliance function. 

• That means keeping the infrastructure running , risk register maintained and prioritised, insurance renewals coordinated, critical supplier risks identified and tracked, ESG data gathered and accurate, incidents logged and chased to closure.

But it also means more than coordination. 

• You will be expected to look across the business, spot what others are too close to see, ask the questions that don't get asked, and bring the right things to the surface.

You will own multiple core workstreams:

• Risk register and reporting  - gather and consolidating risk inputs from across the Group into a single, prioritised view ready  for Board and investor audiences
• Critical supplier risk (spans across the businesses) - identifying dependencies that could hurt the business if they failed, and making sure those risks are understood, owned, and actively managed
• Insurance programme - coordinating multi-entity renewals, mid-term changes, certificate requests, and claims across Ireland, UK, US, and Canada (broker manages technical interpretation; you manage the process)
• ESG data -  gathering and quality-checking our annual ESG data for investor reporting and customer due diligence (knowledge is trainable; what matters is rigour and ownership)
• Incident and compliance coordination  - maintaining the Group incident log, tracking items to closure, and supporting audit and diligence requests
• Compliance Calendar & Workflow Operations  Run the operational rhythm of the function including; Maintain the consolidated compliance calendar built by the CRCO — audit dates, accreditation renewals, regulatory submission deadlines, policy review dates, insurance renewals, vendor reassessments. Prepare the CRCO's regular reporting packs by pulling status updates from functional leads.

What This Role Does NOT Do

• Build frameworks, policies, registers, or methodologies -  that is the CRCO's work.
• Engage with the board, audit committee, investors, or regulators directly.
• Set risk appetite, policy positions, or escalation thresholds.
• Lead investigations, incident response, or audit findings — those stay with the relevant specialist function.
• Own clinical governance, ISO standards, GDPR decisions, regulatory submissions, or AI Act compliance — Quality, IS/IT, DPO, Regulatory Affairs, and AI Governance respectively - we have lean teams for that. 
• Negotiate contracts or interpret legal positions — General Counsel do that. 

Person Specification

Essential

• 5+ years in a risk or compliance role in healthcare, life sciences, medtech, or clinical services
• Comfortable as a coordinator across senior functional leads — chases, collates, follows up without needing to escalate everything.
• Can hold ten live workstreams without dropping items.
• Experience with enterprise risk registers and reporting to senior stakeholders
• Discreet — handles sensitive insurance, incident, and commercial data appropriately.
• Demonstrated ability to manage complex, multi-stakeholder workflows independently
• The judgment to distinguish what matters from what doesn't. And the confidence to act on it
• Discretion with sensitive commercial and operational data
  
• Demonstrable experience running multi-stakeholder operational workflows to deadline.
• Highly organised. Detail-oriented. Calendar-driven.

Desirable

• Experience owning or contributing to a critical supplier or third-party risk programme, including dependency mapping and resilience assessment.
• Exposure to vendor risk management, ESG data coordination, or incident reporting workflows in a regulated environment.
• Working familiarity with GDPR, ISO 27001, MDR/IVDR, CLIA/CAP — enough to coordinate with specialists, not to own the domain.
• Multi-entity, multi-jurisdiction group experience.

• Familiarity with ESG data frameworks and reporting obligations

What Good Looks Like Here

• You do not need to be an expert in everything this role touches.
•  ESG and insurance are learnable, we know that, and we will support you.
• What cannot be trained is the ability to look at a list of 50 risks across five teams and know instinctively which three actually need attention.
•  That judgment, combined with the drive to do something about it, is what we are hiring for.
• We need someone who understands the rules well enough to know when to break them — not someone who hides behind a process, and not someone who ignores it.
• Your Operationally relentless, organised, methodical, deadline-driven.

• Strong written communicator for diligence responses, audit packs, and broker submissions.
  

One last thing.

• We review every application personally. A generic CV sent to twenty companies will not get you an interview here. 
• Take the time to show us — specifically — how your background maps to what this role asks for. (customize it) 
• That kind of thinking is exactly what we're looking for. 

What the role offers you 

• A defined operational mandate with the CRCO setting direction.
• Hands-on exposure across insurance, vendor risk, ESG, and Group-wide compliance coordination.
• Competitive salary and benefits.

What are the benefits of working with Deciphex? 

• Work from Home options
• A true sense of meaning in your work by contributing to better patient outcomes. 
• The opportunity to work alongside a world-class high performing team in a hyper-growth startup environment.
• A chance to work on exciting and challenging unique projects. 
• Regular performance feedback and significant career growth opportunities.
• Competitive salary with performance based annual increments.
• A highly collaborative and supportive multi cultural team. 

About us; 

Through the work that we do, the team at Deciphex helps pharma to accelerate the process of essential drug development and helps cancer patients get timely and accurate diagnosis. 

Founded in Dublin in 2017, Deciphex has scaled rapidly to a team of over 230 people and counting who are providing software solutions to address the pathology gap in research pathology and clinical areas. We have offices in Dublin, Exeter & Oxford (England), Chicago and Toronto and are expanding our team throughout the world. 

We are software developers, clinical specialists, AI engineers, operations professionals and so much more, all working as one team to support our customers and patients. 

We are looking for highly motivated & individuals who are excited to take on challenges and value making a difference in their day-to-day work to join our team! 

Read more about Deciphex here and more about our incredible team on our Careers Page here 

Deciphex is an equal opportunities employer and we are committed to the principle of equality. All qualified applicants will be considered for employment without regard to age, race,  religious beliefs, political views, gender identity, affectional or sexual orientation, national origin, family or marital status (including pregnancy), disability, membership of the traveling community or any other classification protected by applicable law.

A copy of our Privacy Policy can be viewed here