*summary*:
- support implementation of enterprise information security risk and control processes to protect patients and company information both internally and at third parties.
- implement activities to establish security governance principles and processes across functions leveraging enterprise policies, awareness and training programs as well as in-country business partnering.
*about the role*:
*major accountabilities*:
- ensure security risks are managed in line with ISRM strategy, the policy framework, laws and regulations and best-in-class industry standards.
- collaborate with business to understand threats and ensure Novartis' most critical business processes and data are protected.
- ensure implementation of the information management framework to safeguard the integrity, confidentiality and availability of information owned, controlled or processed by Novartis.
- deliver effective security training and awareness programs and coordinate delivery across functions and countries.
- manage compliance with relevant country regulations.
- support software asset and records management governance and deliver services to support business operations as well as for mergers, acquisitions and divestitures.
- assess security risks around third parties and deliver services to reduce exposure.
- perform assessments and verification of achieved quality levels and risks in respect to external legislative and regulatory requirements, as well as internal policies.
- manage relationships at a functional level across divisions, countries and TT.
- establish close collaboration with stakeholders to facilitate alignment with policies, risks as well as internal and external audits.
- monitor adherence of the defined governance principles to ensure expected value is delivered.
- take responsibility to ensure adherence with security and compliance policies and procedures within information management policy scope.
*key performance indicators*:
- effectiveness of oversight and leadership around information security risk and compliance activities.
- transparency level of risks across the enterprise.
- governance elements and principles established and enforced with high efficiency and effectiveness.
- levels of collaboration/working relationship achieved with enterprise senior management.
*minimum requirements*:
*work experience*:
- accountability.
- strategy development.
- influencing without authority.
- relationship management.
- collaborating across boundaries.
- interactions with senior management.
- experience working cross-functionally and trans-nationally.
*skills*:
- business partnering.
- communication skills.
- cyber security.
- influencing skills.
- information security.
- IT governance.
- risk management.
- stakeholder management.
*languages*:
- English.
- Spanish.

division: operations
business unit: CTS
location: Mexico
site: Insurgentes
company / legal entity: MX06 (FCRS = MX006) Novartis Farmacéutica S.A. de C.V.
functional area: technology transformation
job type: full time
employment type: regular
shift work: no