Director, IT Risk Management Policy and Audit Support Job - United States
Want to know company name or location? Company managed [?]
Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. Today, we are building a new kind of healthcare company – one that is ready to help create a healthier future for all of us.
Our ability to excel depends on the integrity, knowledge, imagination, skill, diversity and teamwork of an individual like you. To this end, we strive to create an environment of mutual respect, encouragement and teamwork. As part of our global team, you’ll have the opportunity to collaborate with talented and dedicated colleagues while developing and expanding your career.
Given the exponentially increasing cybersecurity threat and complexity of those threats (including espionage, criminals, hactavists, and internal threats), the demands of the information security risk management organization have increased dramatically. Worldwide governmental legislation and regulatory risk is increasing (ex. President Obama's Cybersecurity executive order and EU Privacy laws). In response, and as a critical component of the IT transformation, the ITRMS has consolidated security activities across IT and is designing a new organization that requires leadership positions with large scope & responsibility.
The Policy and Audit Support role will be responsible for creating an IT policy governance process and to align it with our enterprise policy governance process. To foster a strong culture of information risk management and security across all divisions and provide world class services and expertise that allow the business to operate in a risk informed and risk adjusted environment. This role will lead efforts globally and assist in the creation of a comprehensive set of policies and procedures as well as the facilitation, monitoring and metrics related to business continuity planning and audits.
Primary responsibilities are required, but not limited to:
- Creating a Policy Governance Framework and alignment with enterprise policy governance process
- Execution & Communication of Policy Updates to ITRMS and broader IT organizations
- Policy Alignment with Regulations & Industry standards/frameworks (IEEE, NIST, ISO)
- Internal Audit (including SOX 404 Testing) Facilitation, Notification, Planning & Metrics
- Business Continuity Plan Monitoring and Metrics
- Engaging frequently with Divisional IT Team’s to assist in the communications of IT policies and procedures
- Ensuring compliance of company policies, procedures and external regulations.
- Avoid, Mitigate & Reduce regulatory, security and policy compliance risks
- Support a positive culture change through continuous monitoring, awareness, education, partnering with industry standard leaders and promoting best practices
- Ensuring the division creates Business Continuity Plans for the most critical systems
- Follow-up of divisional audits in coordination with the division
- Minimum of a Bachelors' degree is required
- Require at least 10 years of cyber or risk management background
- Strategic planner and executive leader with cyberspace expertise
- Extensive experience in developing strategic plans, policies and operations procedures
- Superior collaboration, written and communications skills.
- Ability to collaborate well in a matrix environment, ‘enterprise leader’
- Significant experience in leading cross-functional project teams with limited direct line responsibility and exceptional project management skills
- Ability to manage through complexity and ambiguity
- Risk certification credentials desired but not mandatory
- End to End mindset – a relentless ability to connect people, processes and information.
- Awareness of relevant industry business, information and technology trends, in and out of pharma
Our employees are the key to our company’s success. We demonstrate our commitment to our employees by offering a competitive and valuable rewards program. Our Company’s benefits are designed to support the wide range of goals, needs and lifestyles of our employees, and many of the people that matter the most in their lives. If you need an accommodation for the application process please email us at email@example.com.
Search Firm Representatives Please Read Carefully:
Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.
Visa sponsorship is not available for this position.
For more information about personal rights under Equal Employment Opportunity, visit:
EEOC GINA Supplement
Merck is an equal opportunity employer, Minority/Female/Disability/Veteran – proudly embracing diversity in all of its manifestations.
Job: Service Delivery/Management
Job Title:Dir, Service Delivery/Management
Primary Location: NA-US-NJ-Branchburg
Other Locations: NA-US-PA-West Point
Employee Status: Regular
Travel: Yes, 20 % of the Time
Number of Openings: 1
Shift (if applicable): 1st
Company Trade Name:Merck
Job Segment: Audit, Risk Management, Manager, Internal Audit, Law, Finance, Management, Legal