Summary
About the Role
Major accountabilities:
Providing in-depth expertise about security principles and ensuring controls are included as technical requirements
Advising peer architects and technologists on approved security patterns and practices
Reviewing and challenging defined IT security related internal standards for the ongoing improvement of Novartis policies and procedures
Acting as a single point of contact, collaborating closely with other Security Architects and IT Architects on IT security related matters
Promoting our IT Security culture within the business and application management team and building an external network regarding IT security relevant to the business function
Defining pragmatic solutions and recommending alternatives that meet or exceed security requirements
Performing risk/threat assessments of all IT projects related to the function and reporting on the security status of projects
Managing a pool of external security and solution architects assigned to our portfolio
Managing prioritization of security assessments for the function, working with our application security risk assessment pool for low-impact projects
Minimum Requirements:
Work Experience:
Degree in a business/technical/scientific area or comparable qualifications/experience
5 years of Information Security management or IT security expertise
Expert knowledge of enterprise IT infrastructure technology, systems, vulnerability management, and organisational change processes, especially in large-scale implementations
Demonstrated experience of effectively engaging with senior business leaders across a matrixed environment
Familiarity with frameworks such as COSO, ISO 2700x, CobiT, NIST, SOX, GDPR
Knowledge of OWASP, SDLC, encryption, identity and access management, data integrity and other related secure software design methodologies
Nice To Have:
Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred
CSSLP, GSSP, ECCSP, CASS
Languages:
Proficiency in English (oral and written).
Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture
Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network