Job Description
5 Petabyte of data hosted, 49 countries supported, 15000 servers and thousands of devices to connect locations and businesses.
Information is clearly one of Novartis` most valuable asset.
In ISRM (Information Security and Risk Management), we implement and maintain solutions that secure the Novartis environment, protect our data and provide the necessary control framework to enable compliance with the various regulations associated with the healthcare industry.
105,000 outstanding individuals work with Novartis all with different needs and aspirations. Aligned to a single inspirational purpose to reimagine medicine for millions of patients across the world.
Join us and directly contribute to Novartis vision to Reimagine Medicine.
Your responsibilities included but are not limited to :
.Lead project compliance work streams and responsible for end to end quality and compliance aspect of the project and validation work. Perform validation impact analysis and risk assessments, both high level and functional, to ensure requirements coverage.
.Author key validation work, provide GxP related validation expertise and partner with key business Partners (i.e. Manufacturing, Quality, Validation, Risk and Compliance, etc.) in defining the CSV strategy. Should be detailed with Document Management processes i.e. build, review, update and approve CSV work including Validation Assessment, Validation Plan, Test Plan, Qualification scripts (IQ, OQ, PQ), Test protocols and reports, Traceability Matrix and Validation Summary Report.
.Manages compliance of the system during its lifecycle, with regards to Regulatory and Novartis Internal Standards. This is performed through document reviews & coordination of various activities including testing, performing Project Tollgates etc., Experience of SDLC (Waterfall or Agile methodologies or DevOPS) and Accountable for tracking, supervising and controlling validation process to ensure timely and efficient delivery of the system to the business users.
.Provides compliance & risk management direction for IT projects, including the evaluation, implementation and monitoring of information security controls. Ensure compliance, records management and information risk management during IT projects, to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
.Chip in to business decisions in the definition and assessment of IT requirements. Work with business and IT partners to ensure Novartis practices are aligned with regulatory expectations and industry standard methodologies. Supports Audits, Inspections and Assessments performed by internal and external agencies.
.Evaluates the risks arising from control deficiencies, gaps and facilitates risk mitigation planning First point of contact for all quality related queries on the projects, follow up resolution of identified quality exposures and partner concern to line management if critical situations are not resolved in due course. Ensure adequate analysis have been performed for relevant testing conditions based on functional risk assessment, test overview list, test plan, test results, test deviations and change requests.
.Train and mentor the project team, as the need arises, on relevant project procedures, good documentation practice, good testing practice and CSV basics, where applicable Lead appropriateness of preparation and readiness of the project for handover of the system/processes to the operational organization together with the project managers.
.Identify and log issues found during validation execution, perform root-cause analysis to define corrective and preventive measures to be taken and work closely with relevant product teams to prioritize and supervise validation incidents to closure
Minimum requirements
.Bachelor’s degree in Engineering/ Sciences or relevant technical experience , 3 + years of working experience in IT Quality management / Information Security and Risk management / service delivery positions in regulated environment / pharma / life sciences
.Experience working within the guidelines provided by regulatory agencies such as FDA, MHRA, etc. on one or more of the following areas: CFR Title 21 (parts 11, 210, and 211), Annex 11, GAMP, V-Model, CAPA, GxP (GMP, GLP, GCP, GVP, etc.), ERES regulations and Computer Systems Validation (CSV) coupled with ability to apply the same. Knowledge on Waterfall, Agile and DevOps methodology.
.Familiar with compliance requirements (e.g. SOX, FDA/GxP, GQO, COBIT, Records Management, Privacy, Legal, BCM/Disaster Recovery). Proven understanding of Risk Management, Audit management and periodic or control maturity assessment. Should have adequate understanding on Change Management and Change Control Procedures, Deviation Handling, and CAPA management.
.Experience with cloud-based applications, Documentum, enterprise applications and Infrastructure services is a plus.
.Certifications in the area of Information security (e.g. CISA, CISSP, CISM etc.) , Regulatory areas would be added advantage.
.Able to challenge status quo or traditional approach and propose a risk based approach keeping in mind both agility and quality. Risk management background with experience in risk management related roles.
Why consider Novartis
799 million. That’s how many lives our products touch. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives
We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.
Imagine what you could do at Novartis!


Source link