379140BR
Nov 10, 2023
Czech Republic
About the Role
The Novartis Global Drug Development (GDD) is in need of a Cybersecurity Solutions Architect to assist them in the development of new systems and platforms to support Novartis’ innovative drug development pipelines, clinical trials and proof of concept initiatives. GDD collaborates across scientific and organizational boundaries, with a focus on powerful new technologies that have the potential to help produce therapeutic breakthroughs for patients. As a Cybersecurity Solutions Architect, you will support these strategic initiatives by providing subject matter expertise in the domain of end-to-end security architecture.
Our Cybersecurity Solutions Architect will work with the GDD technology and science teams to ensure solutions are security designed, following approved security patterns and providing ongoing security consulting and expertise to support the following activities:
a) Review security architecture for common platforms like Salesforce, Veeva, and other major commercial and marketing technologies.
b) Review security architecture of operational changes, enhancements, and other releases related to production systems
c) Support and provide recommendations to leadership for remediating security gaps
As part of daily activities, our Cybersecurity Solutions Architect will ensure secure-by-design principles are followed for applications and technical solutions that GDD develops, provide consultation, solution architecture recommendations and work closely with domain architects to leverage Novartis’ global enterprise platforms or assist in the development of innovative new digital solutions.
The successful candidate will be a strong communicator with deep technical and security skills, especially pertaining to regulatory and GxP systems used in the pharmaceutical industry. The individual must be highly collaborative as they will need to work closely with application managers, platform engineers, 3rd party vendors, software developers and architects.
Your responsibilities include but are not limited to:
• Providing in depth expertise about security principles and ensuring controls are included as technical requirements
• Advising peer architects and technologists on approved security patterns and practices
• Reviewing and challenging defined IT security related internal standards for the ongoing improvement of Novartis policies and procedures
• Acting as a single point of contact, collaborating closely with other Security Architects and IT Architects on IT security related matters
• Promoting our IT Security culture within the business and application management team and building an external network regarding IT security relevant to the business function
• Defining pragmatic solutions and recommending alternatives that meet or exceed security requirements
• Performing risk/threat assessments of all IT project related to the function and reporting on the security status of projects
• Managing a pool of external security and solution architects assigned to our portfolio
• Managing prioritization of security assessment for the function, working with our application security risk assessment pool for low impact projects
Our Cybersecurity Solutions Architect will work with the GDD technology and science teams to ensure solutions are security designed, following approved security patterns and providing ongoing security consulting and expertise to support the following activities:
a) Review security architecture for common platforms like Salesforce, Veeva, and other major commercial and marketing technologies.
b) Review security architecture of operational changes, enhancements, and other releases related to production systems
c) Support and provide recommendations to leadership for remediating security gaps
As part of daily activities, our Cybersecurity Solutions Architect will ensure secure-by-design principles are followed for applications and technical solutions that GDD develops, provide consultation, solution architecture recommendations and work closely with domain architects to leverage Novartis’ global enterprise platforms or assist in the development of innovative new digital solutions.
The successful candidate will be a strong communicator with deep technical and security skills, especially pertaining to regulatory and GxP systems used in the pharmaceutical industry. The individual must be highly collaborative as they will need to work closely with application managers, platform engineers, 3rd party vendors, software developers and architects.
Your responsibilities include but are not limited to:
• Providing in depth expertise about security principles and ensuring controls are included as technical requirements
• Advising peer architects and technologists on approved security patterns and practices
• Reviewing and challenging defined IT security related internal standards for the ongoing improvement of Novartis policies and procedures
• Acting as a single point of contact, collaborating closely with other Security Architects and IT Architects on IT security related matters
• Promoting our IT Security culture within the business and application management team and building an external network regarding IT security relevant to the business function
• Defining pragmatic solutions and recommending alternatives that meet or exceed security requirements
• Performing risk/threat assessments of all IT project related to the function and reporting on the security status of projects
• Managing a pool of external security and solution architects assigned to our portfolio
• Managing prioritization of security assessment for the function, working with our application security risk assessment pool for low impact projects
Diversity & Inclusion / EEO
We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Role Requirements
What You'll Need:
• Degree in a business/technical/scientific area or comparable qualifications/experience
• 5 years of Information Security management or IT security expertise
• Expert knowledge of enterprise IT infrastructure technology, systems, vulnerability management, and organisational change processes, especially in large scale implementations
• Demonstrated experience of effectively engaging with senior business leaders across a matrixed environment
• Familiarity with frameworks such as COSO, ISO 2700x, CobiT, NIST, SOX, GDPR
• Knowledge of OWASP, SDLC, encryption, identity and access management, data integrity and other related secure software design methodologies
• Proficiency in English (oral and written)
Nice To Have:
• Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred
• CSSLP, GSSP, ECCSP, CASS
Why consider Novartis?
743 million. That’s how many lives our products touched in 2022. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?
We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.
Imagine what you could do at Novartis!
Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network
We are Novartis. Join us and help reimagine medicine.
Commitment to Diversity & Inclusion:
Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.
• Degree in a business/technical/scientific area or comparable qualifications/experience
• 5 years of Information Security management or IT security expertise
• Expert knowledge of enterprise IT infrastructure technology, systems, vulnerability management, and organisational change processes, especially in large scale implementations
• Demonstrated experience of effectively engaging with senior business leaders across a matrixed environment
• Familiarity with frameworks such as COSO, ISO 2700x, CobiT, NIST, SOX, GDPR
• Knowledge of OWASP, SDLC, encryption, identity and access management, data integrity and other related secure software design methodologies
• Proficiency in English (oral and written)
Nice To Have:
• Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred
• CSSLP, GSSP, ECCSP, CASS
Why consider Novartis?
743 million. That’s how many lives our products touched in 2022. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?
We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.
Imagine what you could do at Novartis!
Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network
We are Novartis. Join us and help reimagine medicine.
Commitment to Diversity & Inclusion:
Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.
Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture
Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network
Operations
DATA, DIGITAL & IT
Czech Republic
Prague
NOV CZE
Spain
Mexico
Full Time
Regular
No
379140BR