Job Description

About the roleLocation : #L1 HybridTogether with you, we will continue to drive this shift with the efficient process and sustainability of our Novartis Information Management Framework (IMF) and awareness campaigns. The role will partner with senior IT and Business leads to implement and support a broad range of Information Security and Risk Management (ISRM) topics including information security, compliance and/or information risk management. In this role, provide governance/risk advice and support for an IT functional team or lead all aspects of a specific governance/risk area globallyYour Responsibilities Include but are not limited to:

• Manage an ISRM Functional Engagement & Partnership organization serving as a single touch point for Risk Management and provide Risk Mitigation guidance to IT Function, Support IT Function in understanding the risk exposure and technical safeguards for IT Risk Management there by ensuring their compliance with Information Management Policy Framework.
• Ensure functional IT asset risks are managed in line with ISC strategy, the policy framework, laws and regulations and outstanding industry standards.
• Ensure compliance to information governance within projects & operations of IT function / business organization
• Strong knowledge of internal controls and internal risk and control frameworks/standards or development and maintenance of the Information Management Policy Framework
• Provide governance/risk advice & support for associates in an IT function or support delivery of a specific governance/risk area or service globally
• Continuously monitor and analyze risks of information assets and identify potential issues and support and track risk remediation activities based on agreed risk mitigation solutions.
• Analyze impact of new technologies and regulatory changes on information security considering Cyber Security and Data Privacy Acts, Laws, and Regulations
• Develop governance dashboards and reports showcasing IT Risk management improvements at the function level.

Role Requirements

• 8-10 years of experience in Business Information Security and Compliance; Information Governance and Management; IT Risk management; Audit management.
• Experience with Good Practice Quality guidelines and regulations (GxP)
• University degree in business/technical/scientific area or comparable education/experience
• Any one of the professional Information Security certifications (preferred), either from ISACA like CISM, CRISC, CISA and/or ISC2 like CISSP, CCSP, etc.
• Experience in stakeholder management (Senior Business Execs, IT Site Heads, etc.)

Why Novartis: Our purpose is to reimagine medicine to improve and extend people\'s lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-cultureYou\'ll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. https://www.novartis.com/careers/benefits-rewardsCommitment to Diversity and Inclusion:
Novartis is committed to building an outstanding, inclusive work environment and diverse teams\' representative of the patients and communities we serve.Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here:
https://talentnetwork.novartis.com/networkFunctional AreaTechnology TransformationDivisionOperationsBusiness UnitDATA, DIGITAL & ITEmployment TypeRegularCommitment to Diversity & Inclusion:We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.Shift WorkNoEarly TalentNo

Novartis