TSR GRC Manager at GSK in Durham, NC
As a TSR GRC Manager, you will be responsible for providing management and day to day support to the TSR - GRC Director for Governance, Risk & Compliance activities across the assigned business unit ensuring that Tech risks & controls from project inception to support within their business unit are identified, prioritized, effectively managed, and monitored. Additionally this role should work within the business unit to ensure Tech follows the required internal and external compliance standards and delivers a reduction in the overall risk profile for our customers. This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:
The role encompasses the following 5 responsibilities :
Risk Management Quality & Compliance (including Operations, Programme/Product and Project support) IBM/MM monitoring Audit Support Information Policy Formation GRC Consulting Risk Management Contribute to identification and initiation of Risk mitigation projects to address significant risks impacting a Business unit, using Smart Controls assessments Facilitate risk identification and risk discussions within the business unit, both operational risk, product/project and strategic risk Assist Tech Business Unit management to make risk informed decisions through a comprehensive Risk Dashboard Raise and approve(where necessary) Policy Exceptions and significant Risks through RMS/Archer Input into, review and enforce compliance within Tech Policies and Standards as required within Business Unit Ensure emerging risks are identified and escalated appropriately and in a timely manner Perform GRC requirements within third party framework Support Product owners in the management of their project risks, ensuring risk identification process is embedded and operational Ensure awareness of Computer Security Incident Response (CSIR) process and report suspected security breach Partner with other TSR GRC and Security staff to deliver a continuous training and education programme to ensure ongoing awareness on new and updated Policies and Standards within their Business Unit. Governance Risk & Compliance:
Contribute to maintenance of the Business Unit delivery and operational frameworks (Activities, deliverables, roles and responsibilties) and ensure alignment to ITMS Monitor deliverable quality, ensure quality standards are being met for products/ projects, programmes or operations within their remit, following a risk based approach, according to ITMS, Smart Controls assessments, local SOPs and projects PQPs Contribute to providing Project Quality assurance oversight depending on the specific project risk profile, including specific assurance reviews as requested by stakeholders Ensure Business Unit activities align with Regulatory requirements and liaise with Business Quality Groups to contribute to the overall GxP validation or Sox status of the business facing application systems or services Contribute to ensuring Business Unit is keeping up with regulatory and legal requirements through a pro-active knowledge management programme Contribute to ensuring Sarbanes-Oxley compliance of Business Unit systems and applicable processes Quality assurance over the system change control within the Business Unit Supporting Product teams to maximise their velocity by right sizing their governance approach Management Monitoring/Independent Business monitoring (MM/IBM) Execute relevant self-inspection programmes within remit through Management monitoring and Independent Business monitoring where required Audit Support Contribute to ensuring Business Unit is ready to host external inspections from regulatory bodies (FDA, EMEA, tax authorities, external (Deloitte) and internal auditors (A&A, GCV,CSQA)) Support management of overall Business Unit inspection readiness activities and CAPAs in liaison with the business Report status on CAPA's to Business Unit RMCB Information Policy Formation Work with the TSR GRC GxP lead/Controls owners and ITMS team to review and approve the policy, standards, procedures, guidance and training for compliance with relevant legislation and GSK Requirements. Support reviews of the information systems for compliance with legislation and specifies any required changes within their Business Unit Support the TSR GRC Director to implement policies, standards and procedures with aligned Tech Business GRC Consulting Support various GRC planned or remedation activities consulting with Tech BU staff to deliver Support implementation of relevant Management monitoring programmes in Business Unit for processes not owned by TSR GRC Partner with other TSR GRC staff to design a management monitoring and independent business controls monitoring schedule. Work with TSR IBM team to Plan, execute, report agreed IBM controls monitoring, including controls in-scope for Sarbanes-Oxley, independently from Process owners Provide interpretation and results updates at Business Unit RMCB Why you? Basic
Qualifications:
We are looking for professionals with these required skills to achieve our goals:
Bachelor's Degree in Information Technology, Business Technology, Computer Science 7
years experience in Risk Management, Quality Assurance and Compliance in a pharmaceutical environment Preferred
Qualifications:
If you have the following characteristics, it would be a plus:
Master's in Information Security or related field Certifications in CISA, CISM, CISSP Experience with GXP, SOX and Data Privacy Regulations
Salary Range:
$100K -- $150K
Minimum Qualification
Risk & Quantitative AnalysisEstimated Salary: $20 to $28 per hour based on qualifications.
The role encompasses the following 5 responsibilities :
Risk Management Quality & Compliance (including Operations, Programme/Product and Project support) IBM/MM monitoring Audit Support Information Policy Formation GRC Consulting Risk Management Contribute to identification and initiation of Risk mitigation projects to address significant risks impacting a Business unit, using Smart Controls assessments Facilitate risk identification and risk discussions within the business unit, both operational risk, product/project and strategic risk Assist Tech Business Unit management to make risk informed decisions through a comprehensive Risk Dashboard Raise and approve(where necessary) Policy Exceptions and significant Risks through RMS/Archer Input into, review and enforce compliance within Tech Policies and Standards as required within Business Unit Ensure emerging risks are identified and escalated appropriately and in a timely manner Perform GRC requirements within third party framework Support Product owners in the management of their project risks, ensuring risk identification process is embedded and operational Ensure awareness of Computer Security Incident Response (CSIR) process and report suspected security breach Partner with other TSR GRC and Security staff to deliver a continuous training and education programme to ensure ongoing awareness on new and updated Policies and Standards within their Business Unit. Governance Risk & Compliance:
Contribute to maintenance of the Business Unit delivery and operational frameworks (Activities, deliverables, roles and responsibilties) and ensure alignment to ITMS Monitor deliverable quality, ensure quality standards are being met for products/ projects, programmes or operations within their remit, following a risk based approach, according to ITMS, Smart Controls assessments, local SOPs and projects PQPs Contribute to providing Project Quality assurance oversight depending on the specific project risk profile, including specific assurance reviews as requested by stakeholders Ensure Business Unit activities align with Regulatory requirements and liaise with Business Quality Groups to contribute to the overall GxP validation or Sox status of the business facing application systems or services Contribute to ensuring Business Unit is keeping up with regulatory and legal requirements through a pro-active knowledge management programme Contribute to ensuring Sarbanes-Oxley compliance of Business Unit systems and applicable processes Quality assurance over the system change control within the Business Unit Supporting Product teams to maximise their velocity by right sizing their governance approach Management Monitoring/Independent Business monitoring (MM/IBM) Execute relevant self-inspection programmes within remit through Management monitoring and Independent Business monitoring where required Audit Support Contribute to ensuring Business Unit is ready to host external inspections from regulatory bodies (FDA, EMEA, tax authorities, external (Deloitte) and internal auditors (A&A, GCV,CSQA)) Support management of overall Business Unit inspection readiness activities and CAPAs in liaison with the business Report status on CAPA's to Business Unit RMCB Information Policy Formation Work with the TSR GRC GxP lead/Controls owners and ITMS team to review and approve the policy, standards, procedures, guidance and training for compliance with relevant legislation and GSK Requirements. Support reviews of the information systems for compliance with legislation and specifies any required changes within their Business Unit Support the TSR GRC Director to implement policies, standards and procedures with aligned Tech Business GRC Consulting Support various GRC planned or remedation activities consulting with Tech BU staff to deliver Support implementation of relevant Management monitoring programmes in Business Unit for processes not owned by TSR GRC Partner with other TSR GRC staff to design a management monitoring and independent business controls monitoring schedule. Work with TSR IBM team to Plan, execute, report agreed IBM controls monitoring, including controls in-scope for Sarbanes-Oxley, independently from Process owners Provide interpretation and results updates at Business Unit RMCB Why you? Basic
Qualifications:
We are looking for professionals with these required skills to achieve our goals:
Bachelor's Degree in Information Technology, Business Technology, Computer Science 7
years experience in Risk Management, Quality Assurance and Compliance in a pharmaceutical environment Preferred
Qualifications:
If you have the following characteristics, it would be a plus:
Master's in Information Security or related field Certifications in CISA, CISM, CISSP Experience with GXP, SOX and Data Privacy Regulations
Salary Range:
$100K -- $150K
Minimum Qualification
Risk & Quantitative AnalysisEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
