Information Security GxP Manager

Roles & Responsibilities:GxP Governance Leadership

• Support the GRC organization in leading a team of GxP and/or policy analysts performing tasks related to information security governance, GxP deviation management, document management, audit commitments, and/or policy exception processes.

GxP Deviation and CAPA Management

• Manage and own technology related GxP deviations, CAPA, and CAPA-EV records
• Manage GxP reporting and monitoring metrics for Technology/IT records
• Collaborate with record owners and QA to ensure timely record resolution
• Lead the identification and evaluation of risks associated with GxP deviation records.
• Identify and support new record owners across IT/Technology (e.g. office hours, ad-hoc meetings, document management support).
• Attend enterprise network meetings and Quality Forums as needed to represent the Technology / IT function .

• GxP Deviation Monitoring and Improvements:

  Recommend deviation management improvement strategies across Technology/IT.
• Collaborate with Quality, IT application, cybersecurity, and business teams to supervise and resolve identified risks and vulnerabilities associated with deviations and CAPA s.
• Lead and manage conducting CAPA applicability assessments, time studies, and related initiatives to identify impacts and improvement opportunities in IT systems, processes, and policies.
• Supervise, monitor, and report on the efficiency of existing GxP records, trends, and recommend improvements as needed.

• Governance and Regulatory Support:

  Ensure compliance with relevant industry standards and regulatory requirements (e.g., GxP, GDPR, SOX, NIST).
• Lead proactive measures to facilitate compliance, such as collaborating with partners to initiate periodic reviews
• Lead the preparation for audits and inspections by internal and external parties, providing documentation and evidence of IT GxP deviation management practices.
• Support the development and implementation of IT governance, risk, and compliance frameworks and continuous improvements.
• Support the development and implementation of IT governance, risk, and compliance policies as well as supporting documentation, and their continuous improvements.
• Track and monitor document reviews, and support document owners to ensure timely periodic review completion.

What we expect of you

Basic Qualifications:

• Doctorate degree and 2 years of IT GxP deviation management, IT quality management, IT auditing, or information security experience OR
• Master s degree and 8 to 10 years of IT GxP deviation management, IT quality management, IT auditing, or information security experience OR
• Bachelor s degree and 10 to 14 years of IT GxP deviation management, IT quality management, IT auditing, or information security experience OR
• Diploma and 14 to 18 years of IT GxP deviation management, IT quality management, IT auditing, or information security experience

Preferred Qualifications:

Skills and Competencies

• Solid understanding of GxP deviation management , controlled document management, IT infrastructure & systems, and security standard methodologies.
• Ability to assess technical and business risk related to information systems.
• Excellent problem-solving, analytical, and communication skills.
• Ability to communicate complex GxP and risk concepts to non-technical partners.
• Familiarity with regulatory frameworks and compliance standards (e.g., GxP, GDPR, HIPAA, SOX).

Technical Knowledge

• Proficiency with GxP deviation management tools, GRC (Governance, Risk, and Compliance) software, controlled document management tools enterprise organisational change tools, and security incident management tools.
• Experience with security controls related to networks, databases, and cloud environments.

• Soft Skills:

  Excellent analytical and troubleshooting skills
• Strong verbal and written communication skills
• Ability to work effectively with global, virtual teams
• High degree of initiative and self-motivation
• Ability to manage multiple priorities, budget, and PI plan successfully
• Ability to manage a team of Information Security experts
• Team oriented, with a focus on achieving team goals
• Strong presentation and public speaking skills