Senior Cybersecurity GRC Specialist shaping Orion Pharma's cybersecurity governance, risk management, and compliance. Engaging with teams to enhance security posture and meet regulatory standards.
About the role
- Enterprise Security Architect responsible for security architecture in Novartis' Digital Workspace. Collaborating with teams to ensure implementations meet security policies and industry standards.
Responsibilities
- Develop and enforce security policies and procedures related Digital Workspace across Novartis businesses to meet business and regulatory requirements
- Design security measures and overall Digital Workspace architecture for the IT landscape in line with the ISC policy framework
- Support and continually review technology standards and controls related to Digital Workspace and recommend information technology strategies, policies, and procedures
- Identify design problems within the Digital Workspace domain
- Support projects to evolve Digital Workspace solutions from evaluation to implementation and assist the delivery of the operational model
- Support the auditing of security policies and procedures
- Management communication with key stakeholders and provide reports to management
- Provide ongoing support to maintain the Digital Workspace domain’s effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information technologies
- Develop and maintain relationships with key stakeholders and vendors
- Support the direction of technological research by learning the organizational goals, strategies and business drivers
- Develop and maintain architecture diagrams and documentation related to Digital Workspace processes and procedures
- Break down the strategic objectives to requirements on the solution portfolio and target architecture
- Key contributor on products, services and/or infrastructure strategies that require complex or advanced conceptualization
- Research and evaluate new Digital Workspace security technologies and make strategic security technology choices, directly supervising the quality of designs and implementation inside and between components
- Work with improvements, by participation in the development, of the architectural principles, processes, and standards.
Requirements
- University working and thinking level, degree in business/technical area or comparable education/experience
- 15+ years of working experience in Security domain; minimum 5 years in architecture capacity; 5+ years of Digital Workspace security essential
- 5+ years of experience of working in or providing IT services to a large enterprise like Novartis.
- Exceptional understanding of other security domains like Digital Workspace, Microsoft365, Data Protection, with good knowledge of Network Security, Identity and Access Management, SIEM, Vulnerability Management
- Exceptional understanding and knowledge of general IT infrastructure technology, systems and management processes
- Experience of sourcing complex IT services, working closely with vendors and making full use of their capabilities
- Good knowledge of IT Project Management: Proven experience to initiate and manage projects that will affect other divisions, departments and functions, as well as the corporate environment.
- Experience with compliance requirements (e.g. SOX, GxQ / CSV, E-compliance, Records Management, Privacy).
- Knowledge of (information) risk management related standards or frameworks such as COSO, ISO 2700x, CobiT, ISO 24762, BS 25999, NIST, ISF Standard of Good Practice and ITIL
- Strong leadership experience, with excellent written and verbal communication and presentation skills at all levels of the organization and experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on information risk topics; interpersonal and collaborative skills, as well as good mediation and facilitation skills.
- Good understanding and experience with Enterprise Architecture Frameworks like TOGAF will be an added advantage.
Benefits
- Commitment to Diversity & Inclusion: We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Product Security expert ensuring secure software development at NETGEAR. Championing security practices and monitoring vulnerabilities while collaborating with development teams.
System Architect driving secure cloud - native applications using cutting - edge technologies for Product Security at Nokia. Leading AI - driven design and architecture with collaboration across global teams.
Cyber Security Engineer protecting data from threats in a fintech startup. Collaborating with the Information Security Team and implementing security controls for technical projects.
Junior Security Incident Responder in an innovative IT service company protecting clients against cyber threats. Collaborating with teams to enhance IT security and respond to incidents.
Security Incident Responder managing IT security incidents in the Security Operations Center, analyzing threats and coordinating responses effectively for clients' safety.
Senior Security Engineer developing and enhancing security infrastructure for Bank Frick, a pioneer in blockchain banking. Responsible for managing security processes and collaborating with IT teams.
Werkstudent Cyber Security bei Wavestone, Unterstützung im IT - Consulting und Entwicklung im Bereich Cyber - Sicherheit. Analyse von Trends und aktive Teilnahme an Teamaktivitäten.
Project Manager for Security Technology managing complex security projects in MENA region. Involving internal teams and external integrators ensuring project success and client satisfaction.
Cyber Security Manager at British American Tobacco strengthening cyber resilience across Western Europe. Responsible for managing security initiatives and collaborating with regional teams.