Corporate IT
South San Francisco, California, United States

Associate Director, Compliance and Change - IT

At Lyell, our vision is to develop curative cell-based immunotherapies for solid tumor cancers. We have innovative science originating from our founder’s world class labs and a unique and disruptive approach to research and development. Our company is first and foremost focused on understanding the science. We are a learning organization, dependent on deep collaborative relationships between all of our colleagues, partners and founders. Our culture is based on Science, Respect, Collaboration and Courage and it reflects who we are and the environment we are creating.


We are seeking a deep subject matter expertise in IT SOX requirements, strong knowledge of the GMP space, experience with ERP systems and ITGC's and/or financial key controls and experience developing policy and process frameworks. The role is responsible for managing the compliance and change program for the IT organization and will develop and manage the governance structures for IT controls, as well as build a culture of continuous compliance with various standards (i.e. SOX, CCPA, GDPR, HIPAA). This role will also partner with multiple key stakeholders to report and grow the effectiveness of Lyell's compliance programs. 


  • Established a scalable and measurable governance structure that establishes compliance for all Lyell SOX Controls so that Lyell may be in a continuous state of audit readiness
  • Help prepare, conduct, and respond to internal and external audits
  • Ensure that all findings and deficiencies are remediated sufficiently
  • Draft, create and drive approval of all organizational controls
  • Develop and deliver training on process and procedures for IT change management
  • Measure and report on compliance program(s) against a clear set of KPIs and metrics
  • Review and record requests for change (RFCs)
  • Categorize change requests
  • Prioritize changes according to business objectives
  • Manage the transition of changes from the development team to operations
  • Accept or reject RFCs
  • Develop a strategy for CAB approvals in a dynamic environment
  • Coordinate the review of documentation related to changes (implementation and rollback plans, testing and validation plans)
  • Mediate conflicts related to the change schedule where necessary
  • Create and circulate the change schedule
  • Conduct Post Implementation Reviews (PIRs) after the implementation of changes
  • Maintain all change documentation (policies, procedures, templates, etc.)
  • Produce management reports
  • Maintain the IT Change Calendar and schedule all changes
  • Manage, coordinate, monitor, and report on compliance activities
  • Audit and manage the IT compliance processes as needed for additional compliance frameworks in order to assert IT controls are in compliance.
  • Play a key role in collaborating with other IT teams in ensuring the highest level of operational service delivery
  • Act as a focal point for all escalation and communication activities related to users and IT teams to ensure effective and efficient execution of compliance and change activities.
  • Highlight and escalate risk & issues to management


  • BA/BSc in Information Technology or related technical field with a minimum of 12 years’ experience; or
  • MBA or MSc in Information Technology or related technical field with a minimum of 10 years’ experience 


  • Experience creating and operating compliance governance structures and reporting status to executives
  • Experience with designing, implementing and operating IT General Controls (ITGC) for SOX
  • Experience creating and leading cross functional Change Advisory Boards (CAB) and Change Review Boards (CRB) as part of a larger change control and governance structure
  • Experience reviewing and collaborating on necessary changes to organizational processes, policies, and skills to support sustainable change.


  • Knowledge preparing for and participating in internal and external SOX audits of ITGCs
  • Proven ability maintaining a continuous state of audit readiness and the ability to demonstrate this readiness at any time through tracking and reporting of key metrics, quality checks or internal spot checks and audits
  • Skilled in creating custom change management solutions to lead change in complex transformation efforts
  • Excellent communication and training skills
  • Strong analytical skills, with application to change management measures and metrics
  • Proficiency with Microsoft Office Suite including Word, Excel, and PowerPoint, G-Suite
  • Strong understanding of the biotechnology/pharmaceutical industry
  • Ability to understand context, evaluate risk, and understand impact of change / challenge appropriately
  • Decision making and ability to clearly articulate decisions in a team environment
  • Demonstrated ability to execute projects and process improvement activities
  • Results oriented yet team player
  • Self-starter with ability to manage rapidly changing priorities and opportunities
  • Ability to analyze data trends and report/communicate appropriately
  • Strong organizational skills, ability to establish priorities, multi-task, handle competing priorities and follow through on all open items/tasks
  • Excellent understanding in IT service management (ITSM) with proven track record in establishing, managing IT change release processes and activities within a global/regional organization
  • Working knowledge and understanding in the full technology stack such as IT Infrastructure, Security, App/Dev, Cloud Models, and Technological Change
At Lyell, we believe that highest performing teams include people from a wide variety of backgrounds and experiences who respectfully challenge each other. We are committed to building an open, diverse and inclusive culture for all employees.
Lyell is proud to be an equal opportunity employer and does not discriminate on the basis of race, color, citizenship status, national origin, ancestry, sex, sexual orientation, age, religion, creed, physical or mental disability, medical condition, marital status, veteran status or any other characteristics protected under applicable federal, state and local laws.
The Company complies with all laws respecting equal employment opportunity and does not discriminate against applicants with regard to any protected characteristic as defined by federal, state, and local law.  This position requires you to work onsite at the Company’s facilities and the Company requires that all employees working in its facilities be fully vaccinated (except as required by applicable law).  Therefore, this position requires you to be fully vaccinated from COVID-19, subject to reasonable accommodations for medical or religious reasons, and/or as otherwise required by applicable law.  The Company considers you fully vaccinated once 14 days have passed since you received either the second dose in a two-dose COVID-19 vaccine series or a single-dose COVID-19 vaccine.  The vaccine must have been FDA approved, have emergency use authorization from the FDA, or, for persons fully vaccinated outside of the U.S., be listed for emergency use by the World Health Organization.”
We’ve learned from experience that some of the best people don’t always match our requirements perfectly - if you’re interested and think you could fit, please don’t hesitate to apply.
Apply Now