Spec. DDIT ISC QNova

Band

Level 3

Job Description Summary

-Supports the implementation of the information security, governance and strategy per the information management framework through business partnering.

Job Description

Major accountabilities:

• Executes risk and compliance processes and oversight, operational tasks.

Key performance indicators:

• Effective management of information risk and compliance status leading to reduced critical audit findings for a subset of a function or technology.
• Level of maturity of controls in projects and operations.
• Applications and projects are secure and compliant at launch .
• Your responsibilities include but not are limited to:
  
  • Perform validation impact analysis and risk assessments, both high level and functional, to ensure requirements coverage. Author key validation deliverables, provide GxP related validation expertise and partner with key business stakeholders (i.e. Manufacturing, Quality, Validation, Risk and Compliance, etc.) in defining the CSV strategy.
  
  • Should be thorough with Document Management processes i.e. create, review, update and approve CSV deliverables including Validation Assessment, Validation Plan, Test Plan, Qualification scripts (IQ, OQ, PQ), Test protocols and reports, Traceability Matrix and Validation Summary Report.
  
  • Experience of SDLC (Waterfall or Agile methodologies or DevOPS) and responsible for tracking, monitoring and controlling validation process to ensure timely and cost-effective delivery of the system to the business users.
  
  • Ensure implementation and monitoring of IT compliance, records management and information risk management during IT projects, to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
  
  • Evaluates the risks arising from control deficiencies, gaps and facilitates risk mitigation planning. Supports Audits, Inspections and Assessments performed by internal and external agencies.
  
  • Manage appropriateness of preparation and readiness of the project for handover of the system/processes to the operational organization together with the project managers. First point of contact for all quality related queries on the projects, follow-up resolution of identified quality exposures and escalation to line management if critical situations are not resolved in due course.
  
  • Ensure adequate analysis have been performed for relevant testing conditions based on functional risk assessment, test overview list, test plan, test results, test deviations and change requests.
  
  • Identify and log issues found during validation execution, perform root-cause analysis to define corrective and preventive measures to be taken and work closely with relevant product teams to prioritize and track validation incidents to closure.
  
  • Strong hands - on experience in Development and Automation of Integration Solutions like EDI, API Management , Data Virtualization and (MFT) Managed File Transfer using products like IBM SI, AxwayB2Bi, APIGW and MFT and TIBCO's Data Virtualization
  
  • Development experience in any Cloud technology AWS, Azure or GCP
  
  • EDI Integrations design and development and providing Technical Support to the team.
  
  • Strong hands - on technical experience in managing platforms preferably on Linux OS and expertise in DevSecOps tool stack ( Jenkins, Artifactory, Ansible )

Minimum Requirements:
Work Experience:

• Accountability.
• Strategy Development.
• Influencing without authority.
• Collaborating across boundaries.
• Interactions with senior management.
• Experience working cross-functionally and trans-nationally.

Skills:

• Communication Skills.
• Compliance Audits.
• Compliance Management.
• Compliance Risk Assessment.
• Compliance Training.
• Influencing Skills.
• Quality Assurance.

• 
  • Bachelor's degree in Engineering/ Sciences or relevant technical experience with 5+ years of working experience in IT Quality management / Information Security and Risk management / service delivery positions in regulated environment / pharma / life sciences
  
  • Knowledge on Waterfall, Agile and DevOps methodology.
  
  • Experience working within the guidelines provided by regulatory agencies such as FDA, MHRA, etc. on one or more of the following areas: CFR Title 21 (parts 11, 210, and 211), Annex 11, GAMP, V-Model, CAPA, GxP (GMP, GLP, GCP, GVP, etc.), ERES regulations and Computer Systems Validation (CSV) coupled with ability to apply the same.
  
  • Familiar with compliance requirements (e.g. SOX, FDA/GxP, GQO, COBIT, Records Management, Privacy, Legal, BCM/Disaster Recovery).
  
  • Working knowledge of Risk Management, Audit management and periodic or control maturity assessment with adequate understanding on Change Management and Change Control Procedures, Deviation Handling, and CAPA management.
  
  • Risk management background with experience in risk management related roles.
  
  • Knowledge of various Requirement management and Test management tools (like HPALM, Jira, Confluence, etc.) and templates used throughout the Pharmaceutical industry.
  
  

Languages :

• English.

Skills Desired

Audits Compliance, Communication, Compliance Assessments, Compliance Training, Influencing Skills, Quality Assurance (QA), Regulatory Compliance Management

---