IT Risk & Compliance Senior
Job Title: IT Risk & Compliance Senior
Languages: French, English
Purpose of the Mission
Ensure that computerized systems supporting business processes subject to regulations are validated in proportion to their potential risk to confidentiality, integrity and availability of data.
Primary Tasks & Responsibilities
• Identify and evaluate controls that ensure computerized systems to comply with regulatory and security requirements.
• Determine the most appropriate approach to validate computerized systems and identify any necessary risk mitigation measures.
• Write reports to describe risk assessment outcomes and validation strategies to allow decision-making.
• Monitor the efficiency and effectiveness of IT internal controls.
• Promote education on computer software assurance and security risk & controls.
• Act as a champion to promote the IT internal control framework.
• Assist the Tech Security & Risk partner in internal audits and regulatory inspections.
Experience, Knowledge & Soft Skill Requirements
• More than 3 years of experience in SOX404 or IT audit and 3 years+ of experience in computer system validation.
• Excellent understanding of IT and computer software assurance processes and related risks.
• Excellent report writing and communication skills and problem-solving.
• Good understanding of Pharmaceutical, SOX404 and international security standards.
• Experience to work with little supervision (incl. issues escalation to manager where appropriate).
Education, Methodology & Certification Requirements
• Master degree in IT audit. Other degrees are acceptable with appropriate education, training and/or experience indicating a sound understanding of IT processes, risks and controls.
• Certification in computer system validation and IT audit.
Language Proficiency Requirements
• English – Fluent (written and verbal)
• French – Good understanding (verbal)