Data Protection Governance Expert
CDI Basel (Basel-Stadt) IT development
Job description
Novartis Business Services IT (NBS IT) is working to support Novartis to deliver better patient outcomes through innovative use of information and technology. As technology is reshaping the healthcare industry, IT will be a differentiator for our businesses, inspiring new ideas and enabling Novartis to reimagine medicine.
To continue to add even greater value for the business we need to have the right people with the right capabilities in the right location. We need to be customer-oriented and focus on bringing the best services and solutions to the business – both globally and locally – to support our patients.
NBS IT offers this extraordinary work experience with a real opportunity to develop in a highly fast-paced technology-driven environment where collaboration and innovation are at the heart of who we are and what we do.
The “Data Protection Governance Expert” is part of the Information Security and Risk Management Team (ISRM) within NBS IT.
Role Purpose:
Ensure that business-critical information and systems for the entire Novartis group are identified and that data is processed, stored and transmitted in a secure way.
Govern data protection processes leveraging new technologies around data loss prevention and anomalous system behavior & analytics.
Major Accountabilities:
- Define and manage an appropriate program to protect security critical assets across Novartis
- Work together with the ISRM leadership team, providing contextual advice to protect business-critical data
- Translate information protection requirements for security critical assets into actionable plans
- Govern and deliver, through others, enabling services to manage Novartis' most valuable information assets
- Develop and enhance relationships with business and IT stakeholders to understand data protection needs, manage expectations and monitor satisfaction levels
- Monitor adherence to the defined governance principles to ensure expected value is delivered
- Ensure that ISRM provides high business value and develops an environment which fosters a risk-based, high-performance and innovative organization
- Collect continuous feedback on the governance framework, to ensure change requests can be effectively captured and incorporated in a timely manner
- Develop and apply new technologies and concepts and ensure continuous improvement of the assigned activities and benchmark versus industry best practices
- Interact with internal and external security and compliance experts to identify industry trends and focus areas, evaluate applicability for Novartis and provide a recommended course of action
- Introduce new emerging ideas and technologies to optimize the protection of security critical assets
- Manage relationships at a global level across divisions and IT functions as well as across ISRM
About Novartis
Novartis provides innovative healthcare solutions that address the evolving needs of patients and societies. Headquartered in Basel, Switzerland, Novartis offers a diversified portfolio to best meet these needs: innovative medicines, cost-saving generic and biosimilar pharmaceuticals and eye care. Novartis has leading positions globally in each of these areas. In 2016, the Group achieved net sales of USD 48.5 billion, while R&D throughout the Group amounted to approximately USD 9.0 billion. Novartis Group companies employ approximately 121,000 full-time-equivalent associates. Novartis products are sold in approximately 155 countries around the world. For more information, please visit http://www.novartis.com
Desired profile
Minimum requirements
Experienced in Information Security, IT Compliance, IT Auditing (Big4) or IT Consulting
University level degree in business/technical/scientific area or comparable education (e.g. Fachhochschule)
English (Speaking & Writing)
Desirable (Optional):
- Experience with Data Loss Prevention concepts and products (such as Symantec DLP, Digital Guardian, RSA or McAfee DLP)
- Professional information security certification, such as CISSP, CISM or ISO 27001 practitioner
- Experience with IT regulations and frameworks such as GDPR / Data Privacy, SOX IT, NIST