Sr. Spec. DDIT IES Governance Sec

Job Description

The SOX Compliance Specialist will support the planning, execution, and tracking of SOX assessments across different environments. This role includes working closely with auditors to ensure audit requirements are met efficiently and on schedule. The specialist will collaborate with application managers and key stakeholders to gather evidence, identify gaps, and ensure SOX compliance. They will help evaluate and document SOX controls for systems, processes, and infrastructure, conducting regular compliance assessments. Additionally, the specialist will assist in identifying control deficiencies and collaborate with technical teams to resolve them. Major Accountabilities Actively contribute to professional and reliable technology delivery for business systems, platforms, and processes for business domain/function(s) in scope. Actively contribute to on time, within budget, compliant, secure, and quality delivery of portfolio/ respective engagements. Effectively engage with the chosen SI Partner(s) and collaboratively strive to deliver business value. Contribute enterprise grade and state of the art Solution Design and Architecture with maximizing reusability, configurability and scalability. Ensure top class and state of the art engineering delivery, code management, automation and strive for highest efficiency. Run efficient DevSecOps for platforms, products, or systems ensuring availability and optimal performance in line with the specific role. Follow industry trends and emerging practices to drive agility, speed, efficiency, and effectiveness. Ensure the overall user experience is taken into account when designing deploying new solutions and services. Ensure adherence to Security and Compliance policies and procedures as we'll as with other Novartis guidelines and standards. Additional Specifications Access Management: Responsible for providing Governance over access management process of various infrastructure services. Able to ensure that Access Management Process is followe'd in line Information Management Framework and IAM Policies defined by Novartis. Represent Infrastructure Services in Audits like SOX and guide communication in right direction. Able to perform internal audits in order to identify compliance issues in the process and collaborate with teams to identify appropriate action plan for their remediation. Discussion with other Technology / Customer Function to resolve Access Related problems or escalation from Process Perspective. Should have good collaboration skills, be bold and should be able to challenge status quo within the organization. Should have understanding of Access Management concepts and terminologies. Vulnerability and Security Configuration Management: Should be able to monitor and govern Vulnerability and Security Configuration Management across infrastructure services. Monitor and analyze Security KPI s associated with the process and able to address issues which are impacting the KPi s with respective teams Able to identify Novartis VM and SC Process gaps impacting infrastructure and able to address them with appropriate external teams. Ensuring that Infrastructure teams are meeting the timelines for remediation and address any concerns that might impact the KPI s Key Performance Indicators (KPIs) Delivery on agreed KPIs including business impact. Launch of innovative technology solutions across Novartis at scale. Business impact and value generated from TT solutions. Adoption and development of Agile, Productization and DevSecOps practices. Operations stability and effective risk management. Feedback on customer experience. Ideal Background Education Qualifications Languages English Experiences Industry/ Business Exposure Project Management Working in multinational context and across countries Competencies 2/3 Applied Business Insights Managing Change Organizational Savvy Stakeholder Engagement Technical / Functional Skills Knowledge Consulting IT Governance Infrastructure Management Strategic thinking and planning