Senior Specialist, IT Information Security Compliance

Major accountabilities:

• Collaborate with business to understand threats and ensure Novartis most critical business processes and data is protected.
• Ensure implementation of the information management framework to safeguard the integrity, confidentiality and availability of information owned, controlled or processed by Novartis.
• Deliver effective security training and awareness programs and coordinate delivery across functions and countries. Maintain the information security champions communities.
• Support software asset and records management governance and deliver services to support business operations as well as for mergers, acquisitions and divestitures.
• Assess security risks around third parties and deliver services to reduce exposure
• Perform assessments and verification of achieved quality levels and risks in respect to external legislative and regulatory requirements, as well as internal policies
• Establish close collaboration with stakeholders to facilitate alignment with policies, risks as well as internal and external audits.
• Monitor adherence of the defined governance principles to ensure expected value is delivered -Take responsibility to ensure adherence with Security and Compliance policies and procedures within Information Management Policy scope.
• ビジネスと協力して脅威を理解し、ノバルティスの最も重要なビジネスプロセスとデータの保護を確実にする。
• ノバルティスが所有、管理、処理する情報の完全性、機密性、可用性を保護するための情報管理フレームワークの実装を確実にする。
• 効果的なセキュリティ研修とアウェアネスプログラムを考案し、部門や国を越えて展開できるよう調整する。情報セキュリティチャンピオンコミュニティを管理する。
• ソフトウェア資産および記録管理のガバナンスをサポートし、事業運営や合併・買収・売却に係る情報セキュリティをサポートするサービスを提供する。
• サードパーティのセキュリティリスクを評価し、リスクを低減するためのサービスを提供する。
• 定義されたガバナンス原則の遵守を監視し、期待される価値が確実に提供されるようにする
• 情報管理ポリシーの範囲内で、セキュリティおよびコンプライアンスポリシーと手順の遵守を確保する責任を負う。

Minimum Requirements:

• Degree or master’s level qualification in a related discipline
• Professional certification such as CISA, CISSP, CRISC, CISM
• Japanese and Business level proficiency in English
• Multi-language communication skills. Ability to engage audiences of different sizes and across different levels of the organization
• 関連分野の学位または修士号レベルの資格
• CISA、CISSP、CRISC、CISMなどの専門資格
• 日本語およびビジネスレベルの英語力
• 多言語でのコミュニケーション能力 組織の様々な規模、様々なレベルの聴衆を巻き込む能力

Desirable Requirements: ​

• Experience as an IT auditor / consultant, creative skills using a variety of media and making local security awareness campaigns attractive e.g. video, posters would be advantageous.
• Additional Asian languages are a plus
• Knowledge of Pharmaceutical industry (GMP, GxP) is preferable
• IT監査人／コンサルタントとしての経験、効果的なセキュリティアウェアネスキャンペーンを展開するためのクリエイティブなスキルを有し、様々なメディアを活用したビデオやポスター制作などの経験やスキルがあれば尚可。
• 韓国語、北京語など アジア言語ができれば尚可
• 製薬業界（GMP、GxP）の知識があれば好ましい

Benefits and Rewards:

• You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook.　novartis-life-handbook.pdf

Commitment to Diversity and Inclusion

• Novartis is committed to building an outstanding, inclusive work environment and diverse teams' representative of the patients and communities we serve.

Accessibility and accommodation

• Novartis is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to perform the essential functions of a position, please send an e-mail to [email protected] and let us know the nature of your request and your contact information. Please include the job requisition number in your message.