Process Security Governance Expert - Remote

Location: Prague, Czech Republic Salary: Negotiable
Sector: Pharma & Health Type: Contract
Reference #: 90909_1601917196

Process Security Governance Expert - 6 months - Remote Working

Role Purpose

Ensure business critical information and systems for the entire group are identified and data processed, stored and transmitted in a secure way.

Major Accountabilities

Data Protection Governance processes and policies improvements (As-IS processes review, definition of improvements, to-be process definition, formalization, IMF and other processes alignment, Processes awareness, communication and trainings).

Following process areas are in scope: CJ identification and classification process, CJ onboarding process, CJ Onboarding monitoring process, CJ Gap and acceptances management process, CJ Reporting process, Securing the Crown Jewels e2e.

- Support definition and management of an appropriate program to protect security critical assets including crown jewels across the business

- Review data protection governance processes and policies, propose and formalize improvements

- Monitor adherence of the defined governance principles to ensure expected value is delivered

- Ensure that ISRM provides high business value and develops an environment which fosters a risk-based, high-performance and innovative organization

- Collect continuous feedback on the governance framework, to ensure change requests can be effectively captured and incorporated in a timely manner

- Interact with internal and external security and compliance experts to identify industry trends and focus areas, evaluate applicability for Novartis and provide recommended course of action

- Introduce new emerging ideas and technologies to optimize the protection of security critical assets

- Take responsibility to ensure adherence with Security and Compliance policies and procedures within Data Protection Governance scope

KPIs/Measures of Success

Reworked business designs; Compliance level of ISRM policies; Participation in functional trainings; Strategic programs and governance elements delivered and implemented according to timelines; Levels of collaboration/working relationship achieved with ISRM, NBS IT and Business stakeholder; target group satisfaction rate