REQ-10053040
6月 02, 2025
Mexico

摘要

The Information Security & Compliance team is looking for a highly skilled and experienced Business Information Security Expert to join our team. The successful candidate will be responsible for ensuring Information Security Compliance across our organization. This role requires a deep understanding of information security principles, risk management, and regulatory requirements, including HIPAA, GDPR, and GxP, technical knowledge in Data Analytics, Artificial Intelligence & Cloud Security & Compliance

About the Role

Your responsibilities include, but are not limited to:

  • Develop, implement, and maintain information security policies, procedures, and guidelines to ensure compliance with industry standards and regulatory requirements.
  • Conduct regular security assessments, audits, and risk analyses to identify vulnerabilities and ensure the effectiveness of security controls.
  • Collaborate with various departments to ensure that information security requirements are integrated into business processes and projects.
  • Provide expert guidance on information security best practices and emerging threats to senior management and other stakeholders.
  • Lead incident response efforts and coordinate with internal and external teams to address security breaches and mitigate risks.
  • Develop and deliver information security training and awareness programs to employees at all levels.
  • Conduct regular Risk Committee Meetings and drive accountability & remediations.
  • Conduct Annual Risk Identification Workshops to identify Risks, assign ownership and gain agreements on Remediation Plans and target dates.
  • Stay up-to-date with the latest developments in information security, HIPAA, GDPR, and GxP regulatory requirements to ensure the organization remains compliant and secure.

Role Requirements:

  • Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
  • 12 - 16 years of experience in information security, with a focus on compliance, risk management, HIPAA, GDPR, and GxP.
  • Data Analytics & Artificial Intelligence expertise
  • Minimum of one certification among CISSP, CISA, CISM, CCSP.
  • Strong knowledge of information security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA).
  • Excellent analytical, problem-solving, and decision-making skills.
  • Strong communication and interpersonal skills, with the ability to effectively convey complex security concepts to non-technical stakeholders.
  • Proven ability to work independently and as part of a team in a fast-paced, dynamic environment.

Preferred Skills:

  • Experience with security tools and technologies such as MS Azure, AWS, Data bricks, Data Analytics, and vulnerability management.
  • Knowledge of cloud security principles and best practices.
  • Experience in conducting security assessments and audits.
  • Familiarity with data privacy regulations and requirements.

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards

Operations
CTS
Mexico
INSURGENTES
Technology Transformation
Full time
Regular
No
A female Novartis scientist wearing a white lab coat and glasses, smiles in front of laboratory equipment.
REQ-10053040

Assoc. Dir. Business Information Security Expert DDIT ISC US&I

Apply to Job
Technology Transformation Operations Mexico