Director of Governance, Risk, and Compliance (GRC)

Build a career powered by innovations that matter!  At Novanta, our innovations power technology products that are transforming healthcare and advanced manufacturing—improving productivity, enhancing people’s lives and redefining what’s possible.  We create for our global customers engineered components and sub-systems that deliver extreme precision and performance for a range of mission-critical applications—from minimally invasive surgery to robotics to 3D metal printing.

Novanta is one global team with over 26 offices located in The Americas, Europe and Asia-Pacific.  Looking for a great place to work?  You have found it with a culture that embraces teamwork, collaboration and empowerment.  Come explore Novanta.

Company Overview

Build a career powered by innovations that matter.  At Novanta, our innovations power technology products that are transforming healthcare and advanced manufacturing—improving productivity, enhancing people’s lives and redefining what’s possible.  We serve as a trusted technology partner to medical and advanced industrial original equipment manufacturers (OEMs) worldwide, engineering components and sub-systems that deliver extreme precision and performance for a range of mission-critical applications—from minimally invasive surgery to robotics to 3D metal printing.

Novanta is a global organization with offices located throughout EMEA, The Americas and Asia Pacific.  Novanta is a publicly traded company on NASDAQ under symbol NOVT.

Business Unit Overview

This position is part of Novanta’s Corporate and Shared Services global teams.  Novanta’s Corporate and Shared Services teams play an important role in executing the company’s strategic mission and operations. Included in Corporate and Shared Services are the business functions including Finance, Accounting, Human Resources, Information Technology, Legal, Compliance, Corporate Development and Corporate Marketing.  The Corporate and Shared Services teams work closely with all Novanta business units to support operating initiatives contributing to the organization’s financial success.

Summary

We are seeking a highly skilled and experienced Governance, Risk, and Compliance (GRC) Leader to join our dynamic team. The GRC position will play a critical role in ensuring that our organization adheres to all regulatory requirements, mitigates risks, and maintains a robust compliance framework.

Primary Responsibilities

• Governance: Develop, implement, and maintain governance frameworks, policies, ISO, and procedures to ensure compliance with all relevant regulations and standards.
• Risk Management: Identify, assess, and mitigate risks across the organization. Conduct regular risk assessments and develop strategies to manage and reduce risks.
• Compliance: Monitor and ensure compliance with all applicable laws, regulations, ISO and industry standards. Conduct internal audits and reviews to ensure adherence to compliance policies.
• Stakeholder Engagement: Work closely with internal and external stakeholders, including regulatory bodies, auditors, and legal advisors, to ensure compliance and manage risks effectively.
• Policy Management: Develop and enhance enterprise-level security, risk, and privacy policies, processes, and controls to mitigate risk and ensure compliance with relevant laws and regulations.
• Subject Matter Expertise: Serve as the go-to expert for information security risk management principles and practices.
• Privacy Assessments: Conduct and advise on privacy impact assessments as needed.
• Develop and Implement Data Governance Policies: Create and enforce policies and procedures for data management, ensuring compliance with regulatory requirements and industry standards.
• Data Lifecycle Management: Establish processes for data classification, retention, and disposal, ensuring that data is managed effectively throughout its lifecycle.
• Data Governance Framework: Develop and maintain a data governance framework that outlines roles, responsibilities, and processes for data governance within the organization.

Required Experience, Education, Skills, Training and Competencies

• Bachelor’s degree in computer science, information management, security and engineering, or other related degree
•  Professional certification (e.g., CISA, CRISC, CISSP) is preferred.
• Minimum of 7 years of experience in governance, risk management, and compliance roles, preferably within a regulated industry.
• In-depth knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001, SOX).
• Strong ethical standards and a commitment to maintaining confidentiality and integrity in all activities.
• Strong analytical and problem-solving skills, with the ability to assess complex issues and develop effective solutions.
• Strong understanding of data governance principles, data quality management, data stewardship, and data lifecycle management.
• Excellent communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels.
• Proven ability to manage multiple tasks and projects simultaneously, with keen attention to detail.

Travel Requirements  

• As needed for projects, estimated at 15%

Physical Requirements

• Mobility to work in a standard office setting and to use standard office equipment, including a computer.
• Ability to use vison to read computer screen and read printed materials

Novanta is proud to be an equal employment opportunity and affirmative action workplace. We consider all qualified applicants without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, military and veteran status, disability, genetics, or any other category protected by federal law or Novanta policy.

Please call +1 781-266-5700 if you need a disability accommodation for any part of the employment process.