Independent Control Assessment Specialist
Job Description
Job Description Summary
As an Independent Control Assessment Specialist, you will perform Control Maturity Assessments (CMA), identifying Information Management control gaps and risks across the technology organization and ensuring the technology application team is assessed periodically and prepared for inspections and internal and external audits. Your primary responsibility will be to coordinate all CMA activities across the technology organization, working closely with technology stakeholders to maintain compliance and improve audit readiness.
Position Purpose:
Your primary responsibility will be to coordinate all CMA activities across the technology organization, working closely with technology stakeholders to maintain compliance and improve audit readiness. Support Sandoz technology team to meet the organization’s needs for:
Your Key Responsibilities:
Your responsibilities include, but are not limited to:
- Control Maturity Assessments: Perform CMA assessments against the defined plan and complete them as per service levels. Take responsibility for ensuring adherence to Security and Compliance policies and procedures within ISRC. Perform comprehensive CMA assessments of IMF controls across the technology organization. Identify control gaps, weaknesses, potential risks and areas for improvement as part of CMA assessments. Document the assessment observations and recommendations in the prescribed format. Clearly articulate gaps and potential risks emerging from the assessment. Contribute to and review CMA procedures and provide feedback to improve
- Post Assessment Tracking & Support: Work closely with technology stakeholder teams to develop gap / issue remediation action plans with clear timelines. Review remediation evidence and ensure it complies with IMF, organizational controls and regulatory requirements.
- CMA, Training & Reporting: Contribute to training programs, materials, and online resources for reference and self-paced learning focusing on CMA. Ensure all the assessment reports are uploaded and maintained within the CMA tool/repository
What you’ll bring to the role:
Essential Requirements:
- 3-5 years of Big 4 IT audit/assessment experience, or 5-7 years of experience working on IT General Control testing / internal audit and IT compliance functions in major corporate organizations. Control testing experience with industry standards like ISO 27001, SOC 1, SOC 2, ITGC Controls, GxP, etc.
- Candidates should have strong hands-on experience in audit / security assessment and risk management functions.
- Working understanding of tools like MetricStream, ServiceNow, etc., and infrastructure technologies (UNIX, AIX, Windows, Database - SQL, Oracle, networking concepts, security tools, etc.).
- Excellent communication and interpersonal skills, with the ability to effectively collaborate and influence stakeholders at all levels of the organization.
- Team player with the ability to engage effectively with associates, external partners, and other stakeholders.
- Bachelor’s degree in information technology, Business Administration,
- Additional professional certifications (such as CIA, CISA, CISSP, Security+) are preferred.
Why Sandoz?
Sandoz is the global leader in Biosimilar and Generic medicines, a segment of the healthcare industry that delivers 80% of the world’s medicines at 30% of the cost, touching the lives of more than 1 billion people across 100+ countries! While we are proud of our achievements, we have an ambition to do more so that everyone can achieve the basic human right of good health.
With investments in new development capabilities, production sites, new acquisitions, and partnerships, we have the opportunity to shape the future of Sandoz and help even more people gain access to low-cost, high-quality medicines, sustainably.
Our momentum is powered by an open, collaborative culture driven by our talented and ambitious colleagues, who, in return for applying their skills, experience an agile and collegiate environment with impactful careers, where diversity of thought is welcomed and where personal growth is supported!
Join us, help us make healthcare fairer and faster.
Commitment to Diversity & Inclusion:
We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Skills Desired
Communication Skills, Compliance Audits, Compliance Management, Compliance Risk Assessment, Compliance Training, Influencing Skills, Quality Assurance