Duties And Responsibilities
- Collaborate with GRC and IT Leadership to:
  - Establish governance objectives
  - Develop and maintain policies and procedures in a manner that drives compliance
  - Facilitate and support assessments to enable risk identification
  - Develop, maintain and present associated GRC program metrics
- Support the GRC Function through:
  - Facilitation of assessments, including internal audits, support of external audits, and escalation of assessment findings
  - Facilitation and successful closure of Occurrence Management objectives, including customer complaints, incidents and CAPA (corrective and preventive action), using root cause analysis or other analysis tools
- Verify the effectiveness of implemented corrective actions to prevent the recurrence of issues.
- Drive the Policy Exception program, including review and collaboration with process owners on exception requests and communication of exception expiry.
- Review IT Controls, as needed.
Qualifications
- BA/BS (Information Technology, Scientific, Business Administration or related field preferred).
- 2+ years of related experience working as a governance, risk management, compliance or quality management professional in a regulated industry.
Knowledge, Skills & Abilities
- Working knowledge of some or all of the ISO, NIST, HIPAA, FDA and data protection regulations and standards (e.g. NIST SP 800-53 Rev. 4, ISO/IEC 27001, ISO 9001, ISO 13485, 21 CFR Part 820, GDPR)
- Experience as a lead auditor and/or member of an auditing team
- Results-driven with excellent organization, prioritization, and time management skills
- Excellent written and verbal communication skills, with proven ability to effectively communicate within a regulated environment
- Ability to operate independently and as part of a team through collaboration and use of proven leadership skills
- Commitment to continuous improvement principles
- Operational Excellence, Six Sigma, LEAN or Project Management training or certifications are a plus