REQ-10010570
Jun 06, 2024
Mexico

Summary

Lead ISC compliance for a function or area of significant technology depth. Ensure the function can satisfy the governance and risk compliance requirements of the organization and/or projects.

About the Role

Major accountabilities:

  • This role is responsible for the information management and compliance of the DDIT United States and International (US&I) business enablement function. Oversee related projects and manage assigned resources and PMs. Act as Single Point of Contact (SPOC) for ISC. Ensure proper transition of activities in operation when required.

  • Systematically supports implementation and monitoring of the ISC Policy Framework within the IT Functions and Business organization.
  • Drives the implementation of the Policy Framework with the IT Function.
  • Ensures usage of the methodology, services, tools and templates provided by the central ISC teams.
  • Ensures that key aspects of the ISC strategy as well as key ISC messages get communicated and distributed within the function.
  • Acts as single point of contact for the US&I DDIT group in all matters related to Compliance/Security.
  • Assigns ISC resources to the projects, prepares the project charters/capital requests, and defines resources required to execute.
  • Serves as ISC escalation point for any project associated with the US&I Division.

Key performance indicators:

  • Effective management of information risk and compliance status leading to reduced critical audit findings for a function or technology stack.
  • Level of maturity of controls in projects and operations.
  • Applications and projects are secure and compliant at launch.

Minimum Requirements:

Education:

  • University working and thinking level, degree in business/technical/scientific area or comparable education/experience.

Experience:

  • 10+ years of working experience, six or more working in an information security and/or compliance position.
  • Three or more years’ experience leading a team of five or more individuals.

Desirable:

  • Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner.
  • Professional (information system) risk or audit certification such as CIA, CISA or CRISC.
  • Healthcare or Pharmaceutical Industry experience is highly valuable.

Skills:

  • Communication Skills.
  • Governance, Risk Management and Compliance (GRC).
  • Influencing Skills.
  • IT Governance.
  • People Management.
  • Quality Assurance.
  • Senior Stakeholder Management.

Languages:

  • English.

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Operations
CTS
Mexico
INSURGENTES
Full time
Regular
No

Business Information Security Manager US&I