IT Security Manager Novartis - Basel, Switzerland
Role purpose:
• Ensure implementation of IT Security policies, processes and controls within Novartis International
• Ensure that the IT security status is managed and monitored within Novartis International (via security risk assessments of projects, scanning activities of operational environment and proposal of adequate technologies) to maximize business value and opportunities through the effective and relevant use of people, processes, policies and technology
• Be part of a functional team of IT security subject matter experts in providing consistent, best in class information security management practices across Novartis.
Major accountabilities:
• Implement and monitor the Novartis IGM Control Framework for IT Security Controls across Novartis International in alignment with IGM Manager for NI.
• Eensure policies, processes and frameworks are up to date, relevant and communicated.
• Develop, implement, maintain and enforce IT security tools, documentation, processes (e.g. security incident response) and standards in line with Novartis Global IT Security Strategy
• Act as an interface for all IT security management related matters across Novartis International and with the outsourcing vendors
• Monitor, assess and report IT security risks (risk assessments) and analyze potential mitigation strategies to reduce exposure
• Provide/coordinate response to IT security alerts, threats and incidents
• Identify IT security risks associated with changes and projects on both technical and business issues and recommend a course of action
• Support audits by performing tasks associated with IT security management
• Provide IT security expertise for performing pre-production security assessment audits for new systems and applications
• Ensure that guidance, consultancy, templates, and training is available to simplify and align IT security related activities
• Support the Head of integrated services management and teams with IT security subject matter expertise
• Regularly performs IT security services reviews, qualifications and self-assessments to e.g. ensure conformance with service-, quality-, security and SOX requirements and industry best practices (in-house operations, third party suppliers and external service providers
• Ensure implementation of IT Security policies, processes and controls within Novartis International
• Ensure that the IT security status is managed and monitored within Novartis International (via security risk assessments of projects, scanning activities of operational environment and proposal of adequate technologies) to maximize business value and opportunities through the effective and relevant use of people, processes, policies and technology
• Be part of a functional team of IT security subject matter experts in providing consistent, best in class information security management practices across Novartis.
Major accountabilities:
• Implement and monitor the Novartis IGM Control Framework for IT Security Controls across Novartis International in alignment with IGM Manager for NI.
• Eensure policies, processes and frameworks are up to date, relevant and communicated.
• Develop, implement, maintain and enforce IT security tools, documentation, processes (e.g. security incident response) and standards in line with Novartis Global IT Security Strategy
• Act as an interface for all IT security management related matters across Novartis International and with the outsourcing vendors
• Monitor, assess and report IT security risks (risk assessments) and analyze potential mitigation strategies to reduce exposure
• Provide/coordinate response to IT security alerts, threats and incidents
• Identify IT security risks associated with changes and projects on both technical and business issues and recommend a course of action
• Support audits by performing tasks associated with IT security management
• Provide IT security expertise for performing pre-production security assessment audits for new systems and applications
• Ensure that guidance, consultancy, templates, and training is available to simplify and align IT security related activities
• Support the Head of integrated services management and teams with IT security subject matter expertise
• Regularly performs IT security services reviews, qualifications and self-assessments to e.g. ensure conformance with service-, quality-, security and SOX requirements and industry best practices (in-house operations, third party suppliers and external service providers
Desired Skills & Experience
• University working and thinking level, degree in computer science or comparable education / experience• Broad IT security background with at least 5-8 year experience in IT security management related roles
• Experience in (IT security) emergency response handling within a global enterprise
• Track record in delivering projects on time, quality and budget
• Excellent communication skills
• Fluent in English (written and spoken)
• Good knowledge of the company’s business
Post a Comment