363503BR
Sep 22, 2023
Espagne
Job Description
2023 will see Sandoz become a standalone organization! As a global market leader in Generics and Biosimilar medicine, Sandoz is stepping forward from a position of strength! Those joining Sandoz in the coming months will help shape the future of the company, it’s growth, innovation, culture and how Sandoz impacts the lives of millions. These will be careers with genuine impact! This is one such role!
Are you ready to make a difference?
Job Summary/Purpose :
Responsible for data governance, classification, and security across the data lifecycle in close collaboration with the wider ISRM team and external stakeholders (e.g.: DPO, Legal, etc.).
Your Key Responsibilities
- Define and manage policies and standards related to Data Security across the data lifecycle (data collection, classification, processing, storage, and destruction).
- Classify the data as per Sandoz's information classification policy and facilitate management of data-by-data owners in other Technology functions and in the business.
- Track compliance against relevant data security and privacy rules and regulations, in close collaboration with regional ISRM, Legal, and DPO (Data Privacy Officer) colleagues.
- Maintain data processing operations records and monitor for data integrity issues.
- Define encryption and certificate requirements based on the sensitivity and risk level of Sandoz's information and data storage methods.
- Assign retention periods for all data types and support Data Owners in adhering to relevant SOPs (Standard Operating Procedures).
- Determine Data Archiving strategy for systems and regularly archive information stored.
- Support the migration of data to be archived into archival systems, manage access, and perform security checks.
- Mandate disposal of data that is no longer needed, in a secure manner, in accordance with information security standards and provide / check evidence as required.
Are you ready to make a difference?
Job Summary/Purpose :
Responsible for data governance, classification, and security across the data lifecycle in close collaboration with the wider ISRM team and external stakeholders (e.g.: DPO, Legal, etc.).
Your Key Responsibilities
- Define and manage policies and standards related to Data Security across the data lifecycle (data collection, classification, processing, storage, and destruction).
- Classify the data as per Sandoz's information classification policy and facilitate management of data-by-data owners in other Technology functions and in the business.
- Track compliance against relevant data security and privacy rules and regulations, in close collaboration with regional ISRM, Legal, and DPO (Data Privacy Officer) colleagues.
- Maintain data processing operations records and monitor for data integrity issues.
- Define encryption and certificate requirements based on the sensitivity and risk level of Sandoz's information and data storage methods.
- Assign retention periods for all data types and support Data Owners in adhering to relevant SOPs (Standard Operating Procedures).
- Determine Data Archiving strategy for systems and regularly archive information stored.
- Support the migration of data to be archived into archival systems, manage access, and perform security checks.
- Mandate disposal of data that is no longer needed, in a secure manner, in accordance with information security standards and provide / check evidence as required.
Diversity & Inclusion / EEO
We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Minimum Requirements
What you’ll bring to the role:
- Bachelor's Degree (or equivalent) in Computer Science, Information Systems Management, Mathematics, Informatics, Accounting/Auditing, or other related fields.
- Certification or accreditation in Information Security (CISM, CISA, CISSP etc) is a plus
- Fluent in written and spoken English.
- At least 6 years of work experience in Data Rights Management, Data Classification, and Data Privacy in an operational capacity
- At least 2 years of experience in managing teams across geographies and seniority levels
- Good understanding of data encryption and data loss prevention
- Operational experience with Data protection technologies
- Broad understanding of data privacy laws and regulations like GDPR, EU Data Protection Directives, GxP requirements, etc.
- In-depth familiarity with industry standards such as NIST, ISO 27001, etc.
- Ability to collaborate with management in international corporate environments to drive decisions and communicate effectively
#Orbit
Why Sandoz?
500 million patients were touched by Sandoz generic and biosimilar medicines in 2021 and while we’re proud of this, we know there is more we could do to continue to help pioneer access to medicines for people around the world.
How will we do this? We believe new insights, perspectives and ground-breaking solutions can be found at the intersection of medical science and digital innovation. That a diverse, equitable and inclusive environment inspires new ways of working.
We believe our potential can thrive and grow in an unbossed culture underpinned by integrity, curiosity and flexibility. And we can reinvent what's possible, when we collaborate with courage to aggressively and ambitiously tackle the world’s toughest medical challenges. Because the greatest risk in life, is the risk of never trying!
Imagine what you could achieve here at Sandoz!
Join our Sandoz Network : If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Sandoz and our career opportunities, join the Network here: https://talentnetwork.novartis.com/sandoztalentpool
- Bachelor's Degree (or equivalent) in Computer Science, Information Systems Management, Mathematics, Informatics, Accounting/Auditing, or other related fields.
- Certification or accreditation in Information Security (CISM, CISA, CISSP etc) is a plus
- Fluent in written and spoken English.
- At least 6 years of work experience in Data Rights Management, Data Classification, and Data Privacy in an operational capacity
- At least 2 years of experience in managing teams across geographies and seniority levels
- Good understanding of data encryption and data loss prevention
- Operational experience with Data protection technologies
- Broad understanding of data privacy laws and regulations like GDPR, EU Data Protection Directives, GxP requirements, etc.
- In-depth familiarity with industry standards such as NIST, ISO 27001, etc.
- Ability to collaborate with management in international corporate environments to drive decisions and communicate effectively
#Orbit
Why Sandoz?
500 million patients were touched by Sandoz generic and biosimilar medicines in 2021 and while we’re proud of this, we know there is more we could do to continue to help pioneer access to medicines for people around the world.
How will we do this? We believe new insights, perspectives and ground-breaking solutions can be found at the intersection of medical science and digital innovation. That a diverse, equitable and inclusive environment inspires new ways of working.
We believe our potential can thrive and grow in an unbossed culture underpinned by integrity, curiosity and flexibility. And we can reinvent what's possible, when we collaborate with courage to aggressively and ambitiously tackle the world’s toughest medical challenges. Because the greatest risk in life, is the risk of never trying!
Imagine what you could achieve here at Sandoz!
Join our Sandoz Network : If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Sandoz and our career opportunities, join the Network here: https://talentnetwork.novartis.com/sandoztalentpool
SANDOZ
Global Functions STO
Espagne
Barcelona
Sandoz Farmacéutica, S.A.
Inde
Espagne
Technology Transformation
Full Time
Regular
No
