|Location: Prague, Czech Republic||Salary: Negotiable|
|Sector: Pharma & Health||Type: Contract|
|Reference #: 90909_1601917196|
Process Security Governance Expert - 6 months - Remote Working
Ensure business critical information and systems for the entire group are identified and data processed, stored and transmitted in a secure way.
Data Protection Governance processes and policies improvements (As-IS processes review, definition of improvements, to-be process definition, formalization, IMF and other processes alignment, Processes awareness, communication and trainings).
Following process areas are in scope: CJ identification and classification process, CJ onboarding process, CJ Onboarding monitoring process, CJ Gap and acceptances management process, CJ Reporting process, Securing the Crown Jewels e2e.
- Support definition and management of an appropriate program to protect security critical assets including crown jewels across the business
- Review data protection governance processes and policies, propose and formalize improvements
- Monitor adherence of the defined governance principles to ensure expected value is delivered
- Ensure that ISRM provides high business value and develops an environment which fosters a risk-based, high-performance and innovative organization
- Collect continuous feedback on the governance framework, to ensure change requests can be effectively captured and incorporated in a timely manner
- Interact with internal and external security and compliance experts to identify industry trends and focus areas, evaluate applicability for Novartis and provide recommended course of action
- Introduce new emerging ideas and technologies to optimize the protection of security critical assets
- Take responsibility to ensure adherence with Security and Compliance policies and procedures within Data Protection Governance scope
KPIs/Measures of Success
Reworked business designs; Compliance level of ISRM policies; Participation in functional trainings; Strategic programs and governance elements delivered and implemented according to timelines; Levels of collaboration/working relationship achieved with ISRM, NBS IT and Business stakeholder; target group satisfaction rate