Aug 31, 2023
Czech Republic

Job Description

Location: Barcelona (Spain) or Prague (Czech Republic) #LI-Hybrid

Our Information Security and Compliance (ISC) team provides a critical service to the Novartis Community, protecting information assets and ensuring compliance with internal and external ISC requirements. This team is looking for an “Associate Director, Country Information Security and Compliance” to join the team!

In this role, you'll partner with business and DDIT in countries in scope as well as central DDIT and ISC teams to support, monitor, and report on adherence to information security requirements including applicable country regulatory requirements. You will also be required to improve cyber culture among Country Associates, analyze risk impact on important data assets and apply risk mitigation measures, and support security incident management and initiatives in countries.

Your responsibilities include, but are not limited to:

• Partner closely with Country Senior Business and DDIT stakeholders within countries in scope to implement the Novartis Information Management Framework (IMF) and sustain its implementation within projects and operations of the business organization, to ensure integrity, confidentiality and availability of information owned, controlled or processed by the Novartis Organization
• Ensure implementation of applicable country regulatory requirements in scope of ISC e.g., Cyber Security, Data Privacy, and/or use of government tools
• Analyze the security impact of and support ISC requirements for new technologies and digital initiatives e.g., Generative AI and third party technology
• Raise awareness among Associates on information security and compliance topics, communicate and follow up at the Country level
• Support security incidents within the countries including third party vendors, following global guidelines and processes
• Ensure clear governance around records and information management and support business to implement requirements within countries
• Continuously monitor and analyze risk of information assets in operations as well as projects and identify potential issues, and support and track risk remediation activities based on agreed risk mitigation solutions
• Support the business on audits in areas around Information Management framework
• Support compliance of 3rd party vendors handling Novartis data
• Facilitate implementation of global programs according to the program related roles and responsibilities for Country ISC and security initiatives affecting end users
• Drive reporting on ISC activities within the country

Diversity & Inclusion / EEO

Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Minimum Requirements

What you’ll bring to the role:

• University Degree in relevant domains and/or comparable education/experience
• Over 6 years of experience in information security, compliance, risk management, and/or audit; information security generalist experience
• Extensive knowledge of Information Governance and Management including industry standards, frameworks, and/or best practices
• Fluency in Spanish or French
• Proficiency in English (oral and written)

Nice to have:
• Professional information security certification, such as CISSP, CISM, CISA, CRISC, or ISO 27001 auditor / practitioner
• Additional language, e.g. Italian

Novartis is unable to offer relocation support for this role: please only apply if this location is accessible for you

You’ll receive:
Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary; Risk Life Insurance (full cost covered by Novartis); 5-week holiday per year (1 week above the Labour Law requirement); 4 paid sick days within one calendar year in case of absence due to sickness without a medical sickness report; Cafeteria employee benefit program – choice of benefits from Benefit Plus Cafeteria in the amount of 12,500 CZK per year; meal vouchers in the amount of 90 CZK for each working day (full tax covered by company); car allowance; MultiSport Card. Find out more about Novartis Business Services: https://www.novartis.cz/

Why consider Novartis?
743 million. That’s how many lives our products touched in 2022. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?

We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.

Imagine what you could do at Novartis!

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network
We are Novartis. Join us and help reimagine medicine.

Commitment to Diversity & Inclusion:
Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.
Czech Republic
Technology Transformation
Full Time

Associate Director, Country Information Security and Compliance