Information Security Awareness Expert

Information Security Awareness Expert

Job Description

50%! Percentage of information security breaches caused by human errors. Managing the information security awareness for more than 100.000 users globally. Would you like to know more?

Role Purpose:
Run the global Information Security Awareness program that ensures:
• Identification of awareness needs with regard to information risk management, information security and IT security. A range of awareness campaigns and measures exist to tackle these awareness needs in order to stimulate a behavioral change in people towards acting in a more secure or risk averse manner in line with policies, standards, and procedures.
• Coordinate and oversee ongoing activities related to awareness campaigns across Novartis, and make sure a continuous improvement cycle is in place. Act as a thought leader within IT for security awareness and provide strategic directions in order to help Novartis be a leading company in our industry.
Engage with Business and IT functions, supporting a broad range of information security, IT compliance and information risk management topics within Novartis entities.

Major Accountabilities:
Drive the strategic direction for information security awareness program including the following:
• Maintain and improve the security awareness program. Interface with IT incident management, IT security and Corporate Security teams to understand the history and trends in terms of information security incidents that are caused by or involve people acting in a non-aware manner.
• Collaborate closely with global Communications department who owns all communication related parts of the campaigns (timing and scheduling of the campaign, design, managing external communication agencies, coordination of campaign rollout).
• Deliver content for the campaigns based on the company Information Management Policy Framework. Reach out and obtain the input of subject matter resources within the organization on topics that require their input. Ensure all awareness messages are in line with the security policy, standards, branding rules, and procedures. Deliver technology related tools supporting the penetration of the awareness messages.
• Manage the awareness network within IT and business community and coordinate rollout activities.
Monitor, track and report status and KPI’s of awareness campaigns. Display a desire to stay up-to- date with evolutions and best practices on the subject. Serve as awareness consultant to the organization for all divisions, functions, departments and entities in case of questions related to awareness and behavioral change.
• Where relevant, run selection and sourcing procedures to evaluate external vendors to support campaigns.
In the area of business stakeholder support and collaboration:
• Support implementation and monitoring of the Information Governance Framework within Novartis entities to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the Novartis Organization.
• Manage and support the community of business champions promoting information security topics within business.

Minimum requirements

What you‘ll bring to the role:
• Minimum education: Bachelor’s Degree (Economic, IT or communication degree if possible combined with IT or information security formation or education)
• CISSP, CISM or CISA certifications are a plus. PMBOK or PMP certifications are a plus.
• Languages: English (local languages a plus)
• Solid experience information in security awareness either through multiple implementations at different companies or by acting as information security awareness expert, and this in an international context.
• Desired experience in marketing, communication and pharmaceutical industry or other highly regulated industries.
• Experience with stimulating behavioral change across a company.
• Desired project management experience. Demonstrated organization, facilitation, communication, business partnering, presentation and reporting skills.

About the Novartis Global Service Center in Kuala Lumpur:

The Novartis Global Service Center (NGSC) in Kuala Lumpur delivers a broad variety of services to the Novartis divisions worldwide. Kuala Lumpur is part of a globalized network of five NGSCs, which form a successful network of services minded associates partnering with the Novartis business around the world.

What makes NGSC special?

Attractive office location, flexible time management, strong work/life balance, flexible working hours, truly multinational and dynamic organization, multicultural environment and cross-functional hub location

Why consider Novartis?
799 million. That’s how many lives our products touched in 2019. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?
We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.
Imagine what you could do at Novartis!

Commitment to Diversity & Inclusion:
Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here:
Petaling Jaya
Information Technology
Full Time