Job Detail

Senior Security, Privacy and Compliance Manager

Posted on: 02.10.2018



Switzerland, Basel-City, Basel Headquarter




At Roche, we believe it’s urgent to deliver medical solutions right now – even as we develop innovations for the future. We are passionate about transforming patients’ lives. We are courageous in both decision and action, we believe that good business means a better world.


We are committed to delivering the best possible diagnostic solutions to improve people's lives. We believe sustainable healthcare depends on diagnostics, and as the leader in the industry, we continue to shape healthcare delivery, to optimize healthcare resources, and to ultimately benefit society as a whole.


Roche Diagnostics has built a new strategic area charged with creating a modern portfolio of decision support software products that change the way patients are cared for. Our challenge is to bring together complex diagnostic and treatment data from medical devices and IT systems within a hospital and intelligently process and present this data to clinicians, researchers, and caregivers to improve research outcomes and patient care. Would you like to become a part of this? We are searching for a Senior Security, Privacy and Compliance Manager to support our Basel-based team.


Your main responsibilities would be:


Leadership Responsibilities



  • Lead consultant to internal (including cross-departmental heads within DIS, Roche Affiliates) and external partners (current and/or potential customer representatives, including Information Security Professionals and physicians)

  • Provide oversight and direction for roll-out of DIS products in EMEA region.

  • Responsible for governance of DIS risk management program and collaborates with other Roche organizations and/or Business Areas.

  • Primary accountability for project-level decisions and corrective actions.


Risk Management:



  • Develop and maintain an information risk assessment schedule for all information assets in DIS

  • Work with groups within and outside DIS to identify and categorize areas of information risk involving customer/confidential data, systems and processes

  • Assist in gathering risk related data from internal and external resources

  • Prepare information risk assessments founded on the Information Risk Management Program guidelines

  • Direct and coordinate efforts to formulate risk mitigation plans based on the findings in the assessments

  • Track, measure, and report on the status of risk mitigation efforts based on the mitigation plans

  • Produce and provide reports and presentations that outline findings, explain risk positions and recommend changes.

  • Assist in the development of policies and procedures to integrate risk management practices into daily operations.

  • Recommend ways to effectively manage or reduce information risk.


Audit & Compliance:



  • Perform general and application control reviews for DIS products

  • Knowledge of IT security and data privacy best practices and familiarity with security policies as applicable to Cloud

  • Experience with cloud security and compliance tools.

  • Perform information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.

  • Perform internal control procedures and security review for systems under development and/or enhancements to current systems

  • Draft and present audit finding memoranda with working papers, concise controls assessment and systems testing reports (both narrative and table based).

  • Validate proper documentation for completed audit and assessment results.

  • Assess and revise client documented information security and technology policies, procedures and practices

  • Maintain and modify assessment methodology in accordance with applicable standards.

  • Manage vendor assessment response process, facilitate compliance and acquire/maintain related certifications as dictated by the business needs

  • Ongoing audit advisory, information security compliance and governance advisory.

  • Maintain a current understanding of relevant state-of-the-art technology, equipment, systems and the cybersecurity threat landscape.

  • Develop and manage internal procedures, policies and processes to ensure compliance

  • Interact with customers/customer support teams in response to inquiries, concerns, and service requests.

  • Build positive working relationships with customers

  • Serve as a liaison with vendors and other 3rd party providers.


Who You are


You’re someone who wants to influence your own development. You want to work for a company where you receive the opportunity to pursue your interests across functions and geographies. Working in a multi-cultural environment motivates you. As a fast learner, you actively drive the quality of the requirements.


To be successful in this role, we believe you need 5+ years of related work experience in execution and assessment of information security, privacy, risk management and compliance practices in medium to large enterprise organizations. Healthcare software experience is an advantage; related experience in the Medical Diagnostic Industry, experience with clinical workflow solutions, or experience in a clinical environment is a plus.


Education:



  • BS in science, engineering or relevant area of study is required, Master's degree is a plus


What other qualifications do you need in your toolbox?



  • Technical expertise in cybersecurity and privacy, specifically for Cloud environments

  • Effective at collaborating with various internal functions across multiple geographic locations

  • Effective at producing high quality results

  • Effective at articulating security and privacy compliance


Are you ready to apply? We want someone who thinks beyond the job offered - someone who knows that this position can be a rare springboard to many other opportunities at Roche.


Roche embraces diversity and equal opportunity in a serious way. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.


For questions please call the Recruiting Team Switzerland: +41616822550



  • Who we are: At Roche, 94,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

    Roche is an equal opportunity employer.

  • Job facts

    • Location Switzerland, Basel-City, Basel Headquarter

    • Function Information Technology

    • Subfunction Data Security & Protection

    • Schedule Full time

    • Job level Individual contributor

    • Job type Regular

    • Division Diagnostics

    • Posted since 2018/10/02

    • Posted until 2018/10/30

    • Job-ID 201808-119232


  • Get in touch: Mrs. Pelin Babacan
