Assoc. Dir. DDIT ISC Gov GxP Assessments

Hyderabad (Office)

Novartis

Working together, we can reimagine medicine to improve and extend people’s lives.


Job Description Summary

The Associate Director - IT Control Assessments is responsible for ensuring the compliance and monitoring of GxP Applications, leading a team to deliver IT Compliance Services, and managing stakeholder relationships effectively. This role requires a strategic mindset to identify control gaps and potential risks, recommend remediation actions, and ensure timely resolution while adhering to security and compliance policies.


 

Job Description

Major accountabilities:

  • Ensure security risks are managed in line with ISC strategy, the policy framework, laws and regulations, and best-in-class industry standards.

  • Collaborate with the business to understand threats and ensure Novartis' most critical business processes and data are protected.

  • Ensure implementation of the information management framework to safeguard the integrity, confidentiality and availability of information owned, controlled or processed by Novartis.

  • Deliver effective security training and awareness programs and coordinate delivery across functions and countries.

  • Perform assessments and verification of achieved quality levels and risks with respect to external legislative and regulatory requirements, as well as internal policies.

  • Manage relationships at a functional level across divisions, countries and DDIT.

  • Establish close collaboration with stakeholders to facilitate alignment with policies, risks as well as internal and external audits.

  • Monitor adherence to the defined governance principles to ensure expected value is delivered.

  • Take responsibility for ensuring adherence to Security and Compliance policies and procedures within the Information Management Policy scope.

Key performance indicators:

  • Effectiveness of oversight and leadership around information security risk and compliance activities.

  • Transparency level of risks across the enterprise.

  • Governance elements and principles established and enforced with high efficiency and effectiveness.

  • Levels of collaboration/working relationship achieved with enterprise senior management.

Minimum Requirements:
Work Experience:

  • Master’s degree in science, technology, or business (or comparable)

  • 10+ years professional experience in Information Security, IT Quality and/or Compliance; Big 4 experience is a plus.

  • Experience with IT compliance & risk management such as SOX IT, GxP / e-compliance, Data Privacy or IT Security; Professional certifications like CISA, CISSP, CISM are a plus.

  • Leadership and management experience acquired with global cross-cultural teams.

  • Business risk management: Ability to understand business priorities and align needs with Novartis risk appetite.

  • Collaboration: Good ability to handle competing priorities and seek consensus when parties have different/contradicting opinions. Is perceived as a teammate.

  • Communication: Excellent written and verbal communication skills; interpersonal skills and ability to professionally handle sensitive matters with high integrity.

Skills:

  • Strong leadership and team management skills.

  • Excellent stakeholder management abilities.

  • In-depth knowledge of GxP Applications and compliance requirements is desirable.

  • Business Partnering.

  • Communication Skills.

  • Cyber Security.

Why Novartis? Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-culture

You’ll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. https://www.novartis.com/careers/benefits-rewards

Commitment to Diversity and Inclusion: Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network


 

Skills Desired

Business Partnerships, Communication, Cybersecurity, Influencing Skills, Information Security, IT Governance, Risk Management, Stakeholder Management

Tags: Audits CISA CISM CISSP Compliance Governance Monitoring Privacy Risk management SOX Strategy

Perks/benefits: Team events Transparency

Region: Asia/Pacific
Country: India
