Executive Director, Business Information Risk Mgt & Security Job
- Employer
- Merck
- Location
- Whitehouse Station West NJ
- Closing date
- Jul 26, 2016
View more
You need to sign in or create an account to save a job.
Job Details
Executive Director, Business Information Risk Mgt & Security-SER000892
Description
Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. Today, we are building a new kind of healthcare company – one that is ready to help create a healthier future for all of us.
Our ability to excel depends on the integrity, knowledge, imagination, skill, diversity and teamwork of an individual like you. To this end, we strive to create an environment of mutual respect, encouragement and teamwork. As part of our global team, you’ll have the opportunity to collaborate with talented and dedicated colleagues while developing and expanding your career.
The Executive Director, Information Risk Management & Security is a senior leadership position within the IT Risk Management and Security (ITRMS) at Merck & Co., Inc. The position is responsible for all aspects of business information risk management and cybersecurity within Merck’s business divisions (Research Labs, Manufacturing, Human Health, and Animal Health) and governance of the enterprise-wide information risk management function. The position reports directly to the VP, Information Technology Risk Management & CISO.
- The individual will develop and lead a global team that oversees and administers all facets of business information risk management program including risk assessments, risk treatment plans, employee education and awareness activities, internal audit support, health regulatory inspection readiness preparedness, third party risk management, and a wide array of other activities to ensure an appropriate level of information risk is maintained within each business area.
- Work closely with business and senior IT leadership to ensure security, risk management, and compliance principles are integrated into each area’s strategies & plans.
- Serve on the ITRMS leadership team work with CISO and other leadership team members to establish and implement a comprehensive cybersecurity program and risk management program for the corporation.
- Help to ensure other ITRMS leadership team members are kept abreast of changing business priorities, major product activities. and other critical issues and significant events within the business while aligning ITRMS activities to those business plans.
- Partner with Merck Corporate Audit and Assurance Services, the Global Compliance Office, the Merck Privacy Office, the Office of General Counsel, MMD Quality, MRL Regulatory Affairs, Environmental Health & Safety, Human Resources, and other global support functions in the execution of these responsibilities.
Primary responsibilities include and are not limited to the following:
*
Lead a global team of up to thirty (30) employees in the execution of the ITRMS mission. Recruit, develop, and retain key security, risk management, and compliance talent. Build a strong team that is able to leverage their security and risk management skills to advance the company’s mission and strategy.
*
Serve as the senior-most ITRMS liaison to the business. Ensure business areas are kept knowledgeable of the changing threats, new vulnerabilities and increasing risks to the business. Provide regular training, education, and awareness activities for the entire workforce.
*
Stay abreast of changing laws, regulations, standards and policies that could impact the execution of the IT function within each business area. Working closely with the Office of the General Counsel, the Global Compliance Office, MMD Quality, and MRL Regulatory Affairs, ensure business areas stay aligned with and in compliance with these statutes. Provide guidance and direction to the workforce on compliance with policy. As necessary, oversee the development or revision of SOPs to reflect legal and regulatory changes.
*
Ensure business areas are prepared for inspections by health regulatory authorities around the world. Assist in the conduct of mock inspections and assessments of GxP controls as they apply to automation and IT systems. Identify gaps and ensure corrective and preventative action plans are developed and executed in a timely manner. Provide appropriate levels of support for on-site inspections and post-inspection remediation activities.
*
Develop and govern the IT risk management processes. Serve as a subject matter expert in the application of these processes to new business initiatives, emerging technologies, and rapidly changing risks. Effectively balance security and risk management demands with business requirements. Assist the business in articulating the level of risk they are willing to accept and ensure appropriate controls are put in place to live within the specified risk appetite.
*
Facilitate the rapid identification of issues, incidents, and deviations from policy. Escalate to appropriate entities as necessary. Assist in the development of management action plans / corrective and preventative action plans in response to these issues. Track progress against these plans and ensure divisional and functional IT leaders meet their MAP/CAPA commitments on time.
*
Participate in health industry forums to stay abreast of peer companies activities in the IT risk management area. As appropriate, work together with these peers to increase the effectiveness and/or efficiency of common controls.
- As necessary, serve as the acting VP, IT Risk Management & CISO in his/her absence.
Qualifications
Education:
*
Required: BS in Computer Science or Engineering.
*
Preferred: MS or Ph.D.
Required Experience:
*
Minimum of (10) years experience in a Security, Compliance, or Information Risk Management roles at least half of which was in a direct leadership position.
*
Strong preference for Pharmaceutical industry experience or proven history in another highly-regulated industry.
*
Strong collaborator, must be seen as a business facilitator that helps the company achieve its core mission of improving health and saving lives while balancing the need for increased security and controls.
*
Exceptional written and oral communication skills. Must have the ability to communicate complex subjects simply, briefly and with impact to all levels of the corporation. Must be able to present to executive committee and board level audiences.
*
Self-motived and detail-oriented with a strong bias for action. Must be able to identify deviations from policy and SOP. Must be able to quickly develop and recommend critical actions required to ensure compliance.
*
Strong and rapid learning ability with self motivated drive for knowledge.
*
Must have self confidence and be seen as an industry leader in the information risk management, cybersecurity, or pharmaceutical IT regulatory space.
*
Must be able to operate effectively and appropriately in high stress environments over extended periods of time.
Our employees are the key to our company’s success. We demonstrate our commitment to our employees by offering a competitive and valuable rewards program. Our Company’s benefits are designed to support the wide range of goals, needs and lifestyles of our employees, and many of the people that matter the most in their lives. If you need an accommodation for the application process please email us at staffingaadar@merck.com.
Search Firm Representatives Please Read Carefully:
Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.
Visa sponsorship is not available for this position.
For more information about personal rights under Equal Employment Opportunity, visit:
EEOC Poster
EEOC GINA Supplement
Merck is an equal opportunity employer, Minority/Female/Disability/Veteran – proudly embracing diversity in all of its manifestations.
Job: Service Delivery/Management
Job Title:Executive Director, Service Delivery/Management
Primary Location: NA-US-NJ-Whitehouse Station West
Other Locations: NA-US-New Jersey, NA-US-Pennsylvania
Employee Status: Regular
Travel: Yes, 25 % of the Time
Number of Openings: 1
Company Trade Name:Merck
Description
Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. Today, we are building a new kind of healthcare company – one that is ready to help create a healthier future for all of us.
Our ability to excel depends on the integrity, knowledge, imagination, skill, diversity and teamwork of an individual like you. To this end, we strive to create an environment of mutual respect, encouragement and teamwork. As part of our global team, you’ll have the opportunity to collaborate with talented and dedicated colleagues while developing and expanding your career.
The Executive Director, Information Risk Management & Security is a senior leadership position within the IT Risk Management and Security (ITRMS) at Merck & Co., Inc. The position is responsible for all aspects of business information risk management and cybersecurity within Merck’s business divisions (Research Labs, Manufacturing, Human Health, and Animal Health) and governance of the enterprise-wide information risk management function. The position reports directly to the VP, Information Technology Risk Management & CISO.
- The individual will develop and lead a global team that oversees and administers all facets of business information risk management program including risk assessments, risk treatment plans, employee education and awareness activities, internal audit support, health regulatory inspection readiness preparedness, third party risk management, and a wide array of other activities to ensure an appropriate level of information risk is maintained within each business area.
- Work closely with business and senior IT leadership to ensure security, risk management, and compliance principles are integrated into each area’s strategies & plans.
- Serve on the ITRMS leadership team work with CISO and other leadership team members to establish and implement a comprehensive cybersecurity program and risk management program for the corporation.
- Help to ensure other ITRMS leadership team members are kept abreast of changing business priorities, major product activities. and other critical issues and significant events within the business while aligning ITRMS activities to those business plans.
- Partner with Merck Corporate Audit and Assurance Services, the Global Compliance Office, the Merck Privacy Office, the Office of General Counsel, MMD Quality, MRL Regulatory Affairs, Environmental Health & Safety, Human Resources, and other global support functions in the execution of these responsibilities.
Primary responsibilities include and are not limited to the following:
*
Lead a global team of up to thirty (30) employees in the execution of the ITRMS mission. Recruit, develop, and retain key security, risk management, and compliance talent. Build a strong team that is able to leverage their security and risk management skills to advance the company’s mission and strategy.
*
Serve as the senior-most ITRMS liaison to the business. Ensure business areas are kept knowledgeable of the changing threats, new vulnerabilities and increasing risks to the business. Provide regular training, education, and awareness activities for the entire workforce.
*
Stay abreast of changing laws, regulations, standards and policies that could impact the execution of the IT function within each business area. Working closely with the Office of the General Counsel, the Global Compliance Office, MMD Quality, and MRL Regulatory Affairs, ensure business areas stay aligned with and in compliance with these statutes. Provide guidance and direction to the workforce on compliance with policy. As necessary, oversee the development or revision of SOPs to reflect legal and regulatory changes.
*
Ensure business areas are prepared for inspections by health regulatory authorities around the world. Assist in the conduct of mock inspections and assessments of GxP controls as they apply to automation and IT systems. Identify gaps and ensure corrective and preventative action plans are developed and executed in a timely manner. Provide appropriate levels of support for on-site inspections and post-inspection remediation activities.
*
Develop and govern the IT risk management processes. Serve as a subject matter expert in the application of these processes to new business initiatives, emerging technologies, and rapidly changing risks. Effectively balance security and risk management demands with business requirements. Assist the business in articulating the level of risk they are willing to accept and ensure appropriate controls are put in place to live within the specified risk appetite.
*
Facilitate the rapid identification of issues, incidents, and deviations from policy. Escalate to appropriate entities as necessary. Assist in the development of management action plans / corrective and preventative action plans in response to these issues. Track progress against these plans and ensure divisional and functional IT leaders meet their MAP/CAPA commitments on time.
*
Participate in health industry forums to stay abreast of peer companies activities in the IT risk management area. As appropriate, work together with these peers to increase the effectiveness and/or efficiency of common controls.
- As necessary, serve as the acting VP, IT Risk Management & CISO in his/her absence.
Qualifications
Education:
*
Required: BS in Computer Science or Engineering.
*
Preferred: MS or Ph.D.
Required Experience:
*
Minimum of (10) years experience in a Security, Compliance, or Information Risk Management roles at least half of which was in a direct leadership position.
*
Strong preference for Pharmaceutical industry experience or proven history in another highly-regulated industry.
*
Strong collaborator, must be seen as a business facilitator that helps the company achieve its core mission of improving health and saving lives while balancing the need for increased security and controls.
*
Exceptional written and oral communication skills. Must have the ability to communicate complex subjects simply, briefly and with impact to all levels of the corporation. Must be able to present to executive committee and board level audiences.
*
Self-motived and detail-oriented with a strong bias for action. Must be able to identify deviations from policy and SOP. Must be able to quickly develop and recommend critical actions required to ensure compliance.
*
Strong and rapid learning ability with self motivated drive for knowledge.
*
Must have self confidence and be seen as an industry leader in the information risk management, cybersecurity, or pharmaceutical IT regulatory space.
*
Must be able to operate effectively and appropriately in high stress environments over extended periods of time.
Our employees are the key to our company’s success. We demonstrate our commitment to our employees by offering a competitive and valuable rewards program. Our Company’s benefits are designed to support the wide range of goals, needs and lifestyles of our employees, and many of the people that matter the most in their lives. If you need an accommodation for the application process please email us at staffingaadar@merck.com.
Search Firm Representatives Please Read Carefully:
Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.
Visa sponsorship is not available for this position.
For more information about personal rights under Equal Employment Opportunity, visit:
EEOC Poster
EEOC GINA Supplement
Merck is an equal opportunity employer, Minority/Female/Disability/Veteran – proudly embracing diversity in all of its manifestations.
Job: Service Delivery/Management
Job Title:Executive Director, Service Delivery/Management
Primary Location: NA-US-NJ-Whitehouse Station West
Other Locations: NA-US-New Jersey, NA-US-Pennsylvania
Employee Status: Regular
Travel: Yes, 25 % of the Time
Number of Openings: 1
Company Trade Name:Merck
Company
Our vision is to make a difference in the lives of people globally through our innovative medicines, vaccines, biologic therapies, consumer health and animal products. We aspire to be the best healthcare company in the world and are dedicated to providing leading innovations and solutions for tomorrow.
We have made it our mission to provide innovative, distinctive products and services that save and improve lives, satisfy customer needs and to be recognized as a great place to work
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert