All offersGdańskPMExpert IT Governance, Risk & Compliance
Expert IT Governance, Risk & Compliance
PM
IT Kontrakt powered by Avenga

Expert IT Governance, Risk & Compliance

IT Kontrakt powered by Avenga
Gdańsk
Type of work
Undetermined
Experience
Senior
Employment Type
B2B
Operating mode
Remote

Tech stack

    GXP
    advanced
    ITIL
    advanced
    Management
    advanced

Job description

Online interview
Expertise and Competencies to be Successful:

  • Experience in IT internal controls, governance frameworks (e.g. ITIL, COBIT, NIST), audit, risk and compliance management, strongly preferable in pharma industry
  • Knowledge of GxP, health authority regulations, computer systems validation, infrastructure qualification and ITIL processes
  • Self-starter and ability to work independently
  • Strong project management and analytical skills
  • Strong communication and stakeholder management skills
  • The Subject Matter Expert regarding any IT Governance, Risk and Compliance matters within IT
  • Support IT assessments, internal and external audit and other assurance work 

 Governance

  • Support development, implementation and maintenance of strong governance framework, risk & compliance processes
  • Support implementation of IT Service Management and IT Operations processes according to ITIL/ITSM methodology
  • Continuously improve the IT methodologies, standards, and internal control
  • Govern and report on findings, track status, and ensure corrective actions are complete and sustainable
  • Sustain purpose-driven engagement and effective interaction with Auditors, Regulators, and compliance partners.

 

Risk and Compliance

  • Develop policies and procedures for IT Units that reflects: Legal regulations and legislations (e.g. FDA, RODO, SOX, etc.), standards and Good practices (GxP, GAMP), to ensure IT environment is fully compliant
  • Support risk identification & assessments, response & mitigation, control monitoring &reporting
  • Gather and evaluate information, including to support Auditors, Regulators, and compliance partners
  • Develop and perform tests, to evaluate the design and effectiveness of key controls as is necessary for compliance
  • Review test findings, identify control weaknesses, present results, and recommend actions to remediate issues.
  • Support Computerized Systems Validation process in projects of implementation of IT solutions
  • Support workforce security activities including culture, awareness and training

 

Other:

  • IT infrastructure qualification – create qualification plan and drive retrospective qualification for existing IT infrastructure. Develop an overall strategy, standards, processes or/and procedures describing approach for qualification of newly arrived IT infrastructure components, for both local and cloud-based solutions.
  • Support establishing system classification process for computerised systems