Enterprise Security Architect – Data Protection

Job Description Summary

Enterprise Security Architect – Data Protection

Location: Tel Aviv (Israel), Barcelona or Madrid (Spain), Warsaw (Poland), Hyderabad (India)

About the Role:

The Enterprise Security Architect – Data Protection will be responsible for safeguarding the organization data and technology assets by designing and implementing robust security solutions. He will collaborate with various stakeholder and technical roles, assess risks, and ensure effective data protection across both on-premises and cloud environments.

This role requires close collaboration with Enterprise Architects and Functional Security Architects to ensure a holistic approach to security across the organization. The successful candidate will be a strong communicator with deep technical skills and, more importantly, a pragmatist who can think outside the box. The individual must be highly collaborative as they will need to influence functional leadership, project and application managers, architects, engineers and developers.

 

Job Description

Key Responsibilities:  

• Define objectives, technical work, and timeline for developing data protection architectures, roadmaps, and requirements, while developing and maintaining security architecture and identifying design problems within the data protection domain

• Develop and enforce security policies and procedures related to data protection across Novartis businesses to meet business and regulatory requirements

• Design security measures and overall data protection architecture for the IT landscape in line with the ISC policy framework

• Support data protection projects from evaluation to implementation and assist the delivery of the operational model

• Develop and maintain relationships with key stakeholders and vendors

• Provide ongoing support to maintain the data protection domain’s effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information technologies

• Research and evaluate new data protection technologies, support the direction of technological research by learning the organizational goals, strategies and business drivers

• Design and maintain architecture views, models, and target architectures, create architectural description including reasons for architectural decisions and considerations

• Responsible for architecture in IT solutions with great impact for the business strategic projects or programs

• Break down the strategic objectives to requirements on the solution portfolio and target architecture, and make strategic technology choices, directly supervising the quality of designs and implementation inside and between components

• Work with improvements, by participation in the development, of the architectural principles, processes, and standards

• Secure and support the overall architectural quality and perform validation and approval of Architecture artifacts

• Resolve cross-processes and cross-portfolio architectural concerns

Essential Requirements:

• University working and thinking level, degree in business/technical/scientific area or comparable education/experience

• CISSP and Security related certification from industry standard vendors or organizations

• 8+ years of IT experience, 5+ years as Data Protection security architect, 8+ years in Data Protection domain, with 5+ years of experience of working in or providing security services to a large enterprise like Novartis

• Exceptional understanding of other security domains like Digital Workspace, Network Security, Identity and Access Management, Microsoft365 services, SIEM, Vulnerability Management

• Good understanding and experience with Cloud vendor architecture and services.

• Experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on information risk topics.

• Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills.

• Exceptional understanding and knowledge of general IT infrastructure technology, systems and management processes

• Experience of sourcing complex IT services, working closely with vendors and making full use of their capabilities

• Proven experience to initiate and manage projects that will affect other divisions, departments and functions, as well as the corporate environment.

Desirable requirements

• Good understanding and experience with Enterprise Architecture Frameworks like TOGAF will be an added advantage.

• Professional information security certification, such as CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred

​Commitment to Diversity & Inclusion:

We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Why Novartis?
Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network

Accessibility and accommodation:
Novartis is committed to working with and providing reasonable accommodation to all individuals. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to receive more detailed information about the essential functions of a position, please send an e-mail to and let us know the nature of your request and your contact information. Please include the job requisition number in your message.

 

Skills Desired