REQ-10008929
Jun 10, 2024
India

Summary

1,000+ business associates in 4 countries, including a Novartis Global Service Center, should have an attitude that embraces the rollout of the latest security technology initiatives and practices and protects Novartis information. Together with you, we will continue to drive this shift with the efficient process and sustainability of our Novartis Information Management Framework (IMF) and awareness campaigns. The role will partner with senior IT and Business leads to implement and support a broad range of Information Security and Compliance (ISC) topics, specifically SOX IT General Controls (ITGC) related compliance activities, as well as broader areas of information security, compliance and/or information risk management.

About the Role

Your Responsibilities:

  • Lead SOX ITGC related compliance activities within the IT function in partnership with IT and business customers. Provide guidance to IT control owners w.r.t. SOX ITGCs, coordinate SOX program efforts within the IT function, and demonstrate leadership in enhancing the existing processes and capabilities so that they strengthen the overall compliance posture.

  • Ensure functional IT asset risks are managed in line with ISC strategy, the policy framework, laws and regulations and outstanding industry standards.

  • Ensure monitoring of information risk and proactive mitigation of issues - may deliver global information governance programs, e.g. risk management processes, information security awareness programs, data classification, storage and transmission guidelines, audit coordination and management, or development and maintenance of the Information Management Policy Framework.

  • Manage an ISC functional engagement and partnership organization that can identify IT function and business demands and advise business and IT functions (whether in projects or operationally) on information security, IT compliance and/or information risk management matters.

  • Ensure the role, accountability, and responsibility of ISC are known and understood within the IT function. Vice versa, establish clear accountability of the “first layer of defense” with IT and business, such that security and IT compliance accountability is not abdicated to ISC (which should have a “2nd layer of defense” role).

  • Lead all aspects of, and push for, remediation of threats, vulnerabilities, and risks in the ISC risk register in the IT function.

  • Identify points of improvement or gaps in the service delivery of the central ISC teams (the Compliance Services) and work together with the central ISC Compliance Services to resolve them.

  • Systematically support implementation and monitoring of the ISC Policy Framework on Information Technology and Operational Technology assets within the IT functions and Business organization.

  • Establish governance to ensure integrity, confidentiality and availability of information owned, controlled or processed by the Novartis organization.

  • Guide the team on information security and risk management; support global programs according to the program-related roles and responsibilities for ISC; support business partners in audits of Business Information Management topics as well as IT audits within in-scope areas; support security incidents following global guidelines and processes.

 What you’ll bring to the role:

  • University degree in business/ technical/ scientific area or comparable education/ experience.

  • Experience with quality guidelines and regulations (GxP).

  • Experience with IT operations and/ or governance, specifically w.r.t. SOX ITGCs.

  • Professional information security certification, such as CISSP, CISM or ISO 27001 auditor/ practitioner.

  • Professional (information system) risk or audit certification such as CIA, CISA or CRISC.

  • Proficient in English (written and spoken).

  • Over 10 years of experience in business information security and compliance; risk management; audit management, information governance and management.

Why Novartis? Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-culture

You’ll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. https://www.novartis.com/careers/benefits-rewards

Commitment to Diversity and Inclusion: Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Operations
CTS
India
Hyderabad (Office)
Full time
Regular
No

Associate Director - ISC APD
