Information, IT Security & Risk Manager

Job Description

Primary role focus is to ensure risk management is performed within Commercial IT according to IGM Policy Framework. Ensure, through advice and outlining risk, that information and systems are adequately protected against unauthorized disclosure (confidentiality), unauthorized alteration (integrity), unavailability (availability) and any non-compliance related to information or IT security and risk management. Proactively work with relevant stakeholders to ensure implementation of and compliance with the IGM Policy Framework, as well as legal and regulatory requirements for information management in regard to Information and security matters. Ensure that the Information and IT security risks of Commercial IT are tracked and managed on a global level. Roll out IGM security related activities according to the Global IGM strategy in alignment with the Commercial IT Leadership Team and relevant business stakeholders (e.g. QA, Legal, Finance, etc.). Facilitate the preparation and follow-up on internal and external audit. Coordinate, where required, security incidents within the Commercial IT. Coordinate data privacy related matters, including data security, with the relevant data privacy officers. Act as an interface with the Global IGM for all Commercial IT Information and Security & Risk Management related matters. Be an enabler for innovation and new technology solutions to increase value proposition towards business growth.

Takes a key role in the execution of the following key IGM activities within the Commercial IT: Support Information inventory management (including identification of the classification of the information types). Completion of HLCCDs in projects. Operational Information and security and risk IGM guidance towards IT teams and supporting the development and delivery of related trainings. Supports the creation of and reviews relevant Standard Operating Procedures (SOPs) to ensure they meet IGM requirements. Guidance and support in the remediation after assessments, audits or other activities that identified a control gap. Supports, provides advice in Commercial IT third party security risks assessments and suggests potential mitigation strategies to reduce security exposures. Guidance and support for Commercial IT teams in their security and IT compliance related activities and initiatives. Supports, where assigned (advise, facilitate, manage) the Commercial IT project teams with all IT security and IT compliance aspects and operationally assist to ensure all change and project steps are taken in a compliant manner. IGM exception management process (i.e. being responsible for assessing, approving exceptions within the Commercial IT). Support or coordination in the roll-out of Global IGM efforts. Facilitation and collaboration with other IGM teams that have a checker role. Support and facilitation of audits and assessments related to IT compliance, information / security and information management. Collaborate – where assigned – with Country IGM Managers in their local country IGM activities (e.g. support Think First roll out on a site). Weigh the risks versus potential business benefits of innovation and new technologies applied in the commercial landscape and define appropriate level of control, while enabling business to take maximum benefit of such new trends.

Systematically supports implementation of the Novartis IGM Policy Framework within the Commercial IT: Supports and guides IT security related activities within the Commercial IT. Manages and reports Information and IT risks per the IGM Policy Framework within the Commercial IT:

Salary: Not Disclosed by Recruiter

Industry: Pharma / Biotech / Clinical Research

Functional Area: IT Software – Network Administration, Security

Role Category: Admin/Maintenance/Security/Datawarehousing

IT Security, Risk Management, data security, IT Security Manager, IT Risk Manager, SOX IT compliance

Desired Candidate Profile


UG: Any Graduate – Any Specialization

PG: MBA/PGDM – Any Specialization, M.Tech – Any Specialization, Any Postgraduate – Any Specialization

Doctorate: Doctorate Not Required

Essential: University master level degree in business/technical/scientific area or comparable education/experience. Desirable: Professional information security certification, such as CISSP, CI. English: Essential. Over 2 years of professional experience in a similar or related role. Experienced Information Security Officer, IT Security Manager, IT Risk Manager or similar; over 2 years of professional experience in risk management. Over 4 years of hands-on technical experience as system administrator, system engineer, software developer or similar. Understanding of general privacy requirements in an IT context. Experience in security advisory and vulnerability management. Desired: Experience in reporting to and communicating with non-IT stakeholders on information risk topics. Experience with SOX IT compliance requirements.

Company Profile:

Novartis Healthcare Pvt. Ltd.

A global healthcare leader, Novartis has one of the most exciting product pipelines in the industry today. A pipeline of innovative medicines brought to life by diverse, talented and performance driven people. All of which makes us one of the most rewarding employers in our field.

Recruiter Name: HR

Reference Id: 171048BR