REQ-10026422
10月 18, 2024
India

摘要

We are looking for a motivated and skilled professional to join our DDIT ISC Governance GxP Assessments team as a Sr. Specialist. This role involves performing Control Assessments (CAs), identifying deficiencies, and reporting risks. The Sr. Specialist will also be integral in tracking risks and supporting initiatives beyond routine assessments. Furthermore, the individual will assist in developing and delivering awareness sessions and trainings related to Control Assessments.

About the Role

Job Description/ Major Responsibilities

  • Conduct Control Assessments and assist in IT Compliance Services delivery across different assets, including in-house applications, SaaS systems, mobile apps, technical platforms, OS, and databases.
  • Identify control deficiencies and potential risks during assessments.
  • Track and monitor remediation progress.
  • Help develop and update awareness sessions/trainings and deliver mandatory trainings to keep the team informed on control requirements and best practices.
  • Assess complex technology risks and internal controls, identifying opportunities for improvement.
  • Contribute to audit efficiency through automation and continuous control monitoring.

Key Performance Indicators/ Measures of Success

  • Number of assessments done versus planned according to defined service levels.
  • Identified deficiencies and potential risks from the assessment.
  • SMART criteria used for defining recommendations and remediation actions.
  • The 4-eyes principle is applied to ensure peer review, with report quality assessed against expected standards.

Minimum Requirements

  • Bachelor’s degree in computer science, Information Systems, Accounting, or a related field. Advanced degree (Post Graduation) preferred.
  • Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar credentials preferred.

Work Experience
 

  • Minimum of 5 years of experience in IT audit, IT risk management, IT compliance, or a similar role.
  • Strong understanding of SOX compliance requirements, internal control frameworks (e.g., COSO), and IT auditing standards (e.g., COBIT).
  • Knowledge of IT systems and processes, including system development life cycle (SDLC), IT infrastructure, and cybersecurity.
  • Knowledge of SOC Compliance (SOC1/SOC2) and skill in analyzing findings.

Language

  • Business fluent in English (written and spoken)

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards

Operations
CTS
India
Hyderabad (Office)
Technology Transformation
Full time
Regular
No
A female Novartis scientist wearing a white lab coat and glasses, smiles in front of laboratory equipment.
REQ-10026422

Sr. Spec. DDIT ISC Gov GxP Assessments

Apply to Job