* Provide guidance to project teams in fulfilling the ISRM controls framework, policies and procedures requirements.
* Monitor and support adherence to information security, risk and compliance requirements.
* Analyse and facilitate correct risk quantification with multiple stakeholders so that the right actions are triggered, and escalate as necessary.
* Prepare, facilitate, review and present risk meetings.
* Oversee the quality of operational documents, records and trainings for the supported IT function/business organization against ISRM and QMS requirements, and get it remediated as needed.
* Analyze gaps/failed controls to synthesize, identify and document risks.
* Ensure gap remediation and the quality and timeliness of maintenance.
* Monitor KPIs and initiate actions with stakeholders.
* Ensure and facilitate the identification of quality and compliance issues, gaps/risks and violations, and the raising of exceptions and deviations.
* Facilitate, review and present audit closure/extension requests.
* Lead quality-of-information improvement for the governance repositories of HLCCD/IRM/3PAS/IT360.
* Guide project teams/PQMs to assess potential security and compliance risks.
* Facilitate identification of gaps/risks that are beyond the scope of Projects/Ops activity.
* Define the plan and approach for implementing security and compliance policies and procedures, e.g. IT Sec Baselines, Qualification.
* Trigger the usage of Compliance and Security Services including and through PQMs.
* Identify the usage of PQM as a service and get it included in the CARs.
* Monitor the quality of output from Compliance and Security Services, provide feedback, and track to closure or escalate through the risk register.
* Analyse the impact of new technologies and regulatory changes on information security.
* Cascade information to the IT function.
* Support implementation and monitoring of the Information Governance Framework within the IT function to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the Novartis Organization.
* Contribute to, and get decisions reached on, QMS and IGM requirements and ISRM industry standards and practices.
* Guide and facilitate usage of various ISRM services, e.g. SME guidance, Control Maturity Assessment, Security Risk Assessment, Penetration Testing, Third Party Assessment, etc.
* Knowledge of GxP, 21 CFR Part 11, SDLC, GAMP and SOX.
* Prepare for compliance audits, attend meetings and assist in addressing any issues. Also support the PM in risk management activities.
* Understand and adhere to the SOPs on Project Management, Change Management, Document Management and the Computerized System Validation concept.
* Should have worked in large programs.
* Able to manage direct relations with stakeholders and project team members.