Compliance Questionnaire Manager

About Chemaxon

Chemaxon is an industry-leading cheminformatics software company helping early-stage drug discovery and chemistry research for more than 25 years. Our clients are top pharmaceutical companies, innovative biotech startups, and leading academic institutions. 
We are agile, innovative and friendly, offering compelling opportunities for frequent collaboration and cross-training with teammates and stakeholders

We have been acquired by Certara, a US-based model-informed drug development services and software company. We are in an exciting time of organizational and business growth, so now is the perfect time to join our team!

Certara is a growing company that provides a dynamic and exciting place to work. Our purpose is to assist in accelerating the development of meaningful medicines that make an impact on our society and the people that need them most. Innovation and creativity are highly valued, and everyone is given the opportunity for training and continuous development. Our portfolio spans the discovery, preclinical, clinical and post-marketing phases of drug development, working with 1,200 commercial companies, 250 academic institutions, and numerous regulatory agencies.

About the role

As a Compliance Questionnaire Manager in the Compliance Standards & Data Privacy organization within Certara, you are part of a global, fast-paced IT organization with the primary mission to provide capable & resilient world class oversight and guidance to professional services, software, and corporate business units ensuring our team members have the ability to perform as the highest level in service of our customers.

The Compliance Standards & Data Privacy function relies on experience and judgment to plan and accomplish goals through implementation of GRC best practice methodologies, governance, and tooling. The Compliance Questionnaire Manager role will lead the completion and management of compliance-related questionnaires, security assessments, and due diligence requests from clients, partners, and regulatory bodies. This role will be responsible for ensuring timely, accurate, and consistent responses that align with industry standards, regulatory requirements, and company policies.

The ideal candidate will have strong compliance expertise, excellent project management skills, and the ability to collaborate across departments.

The role requires understanding of consulting services & software organizations as well as internal corporate functions.

About the team

• Oversee the intake, prioritization, and completion of compliance questionnaires, security assessments, and vendor due diligence requests
• Develop and maintain a centralized repository of compliance responses to ensure consistency and efficiency
• Collaborate with internal teams, including Legal, IT Security, Risk, and Operations, to gather and verify information
• Ensure responses align with regulatory frameworks such as GDPR, HIPAA, SOC 2, ISO 27001, PCI DSS, and other relevant compliance standards
• Continuously improve response processes, leveraging automation tools and best practices to enhance efficiency
• Identify compliance gaps or risks and work with leadership to develop mitigation strategies
• Track, analyze, and report on compliance questionnaire trends to inform risk management strategies
• Train and mentor team members on best practices for responding to compliance questionnaires and security assessments
• Support internal and external audits by providing relevant compliance documentation

Experience, skills and knowledge you should bring to us

• 5+ years of experience in compliance, risk management, legal, or a related field
• 5+ years of experience in a technical role (IT or software development) preferred in Healthcare Industry
• Strong knowledge of compliance frameworks such as GDPR, HIPAA, SOC 2, ISO 27001, and NIST
• Experience managing compliance questionnaires, security assessments, and vendor risk evaluations
• Excellent project management skills with the ability to manage multiple priorities and deadlines
• Strong written and verbal communication skills, fluency in English
• Experience with governance, risk, and compliance (GRC) platforms and methodologies

What we offer

• Hybrid-way of working (8 days/month home office)
• Private health insurance (Medicare)
• Daily entry into Life1 Fitness Clubs
• Generous annual training budget supporting your professional development (off-site training, international conferences, e-books)
• We work with global Top500 companies (R&D) and leading academic institutions, giving you a chance to gain insights into these dynamically evolving industries.
• Inspiring working environment - leisure and recreation area, playing corner for children, English lessons, yearly user conference with social programs, innovation days 
• You will be a valued member of a creative and supportive agile team 
• Everyday use of English in a multicultural environment