Description
Skills:
- Monitor and support adherence to information security, risk and compliance requirements.
- Analyse and facilitate the right risk quantification with multiple stakeholders, so that the right actions are triggered, and escalate as necessary
- Ensure quality and compliance with information governance in the operations of the IT function
- Oversee the quality of operational documents, records and training for the supported IT function/business organization, and have it remediated as needed
- Ensure and facilitate the identification of quality and compliance issues, gaps/risks and violations, and the raising of Exceptions and Deviations
- Ensure quality and compliance with information governance in projects and Operational Projects of the IT function.
- Guide project teams/PQMs to assess potential security and compliance risks
- Facilitate identification of gaps/risks that are beyond the scope of Projects/Ops activity
- Monitor the quality of output from Compliance and Security Services, provide feedback, and track to closure or escalate through the risk register
- Support implementation and monitoring of the Information Governance Framework within the IT function to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the company
- Guide and facilitate usage of various ISRM services, e.g. SME guidance, Control Maturity Assessment, Security Risk Assessment, Penetration Testing, Third Party Assessment, etc.
Summary:
- At least 12 years of IT infrastructure experience as well as 6 years of ISRM (Information Security Risk Management) experience
- Solid background in Information and IT Security, and Risk Management
- Experience in Security Governance, Operations and Audit, Vulnerability and Risk Assessment, Information Security Controls
- Proven experience within IT General Controls, Security Exception & Deviation, Vendor Security Management
- Experience in PMP, GxP, SOX, CISSP, CISA, Security Architecture, HIPAA and other regulations affecting the pharma industry. A leader, able to deliver, or get work delivered, under demanding timelines
- Demonstrated leadership skills with the ability to engage geographically or functionally dispersed teams
- Fluency in English (spoken and written)