Senior GRC Manager


GlaxoSmithKline Pte Ltd
12-15 years
Not Specified

Job Description


Site Name: Bengaluru Luxor North Tower
Posted Date: Nov 19 2021

Why Consumer Healthcare

Right now, we're on an incredible journey as we prepare to become the first independent, 100% focused consumer healthcare company. We're doing this at a time when the work we do has never mattered more. Better everyday health is about improving the health and wellness of the consumers that we touch every year - over a billion and a half of them - and it goes beyond products. It's about truly helping people manage their health proactively in different ways as consumer needs evolve. With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we're uniquely placed to do this and to grow a strong, successful business. This is an exciting time to join us and help shape the future. It's an opportunity to be part of something special.

Diversity, Equity and Inclusion

In Consumer Healthcare we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone. We're striving to create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives.

This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following.

The role is responsible for providing management and day-to-day support to the TSR - GRC Director for Governance, Risk & Compliance activities across the assigned business unit, ensuring that Tech risks & controls from project inception to support within their business unit are identified, prioritized, effectively managed, and monitored.
Additionally, this role should work within the business unit to ensure Tech follows the required internal and external compliance standards and delivers a reduction in the overall risk profile for our customers.

The role may or may not have a number of TSR GRC Managers or TSR GRC Specialists reporting into it, as well as multiple matrix relationships across Tech, other business functions and the external supplier base. This role will also work with a Managed Service group of team members.

This role description forms a generic outline of the TSR GRC Manager role. Particular roles could encompass some, but not all elements and may focus on particular areas, e.g., Programme rather than Operations. The TSR GRC Manager may support one or more Tech Business Units.

Key Responsibilities

The role encompasses the following 5 core responsibilities:
- Risk Management
- Quality & Compliance (including Operations, Programme/Product and Project support)
- IBM/MM monitoring
- Audit Support
- Information Policy Formation
- GRC Consulting

Risk Management
- Contribute to identification and initiation of Risk mitigation projects to address significant risks impacting a Business unit, using Smart Controls assessments
- Facilitate risk identification and risk discussions within the business unit, both operational risk, product/project and strategic risk
- Assist Tech Business Unit management to make risk informed decisions through a comprehensive Risk Dashboard
- Raise and approve (where necessary) Policy Exceptions and significant Risks through RMS/Archer
- Input into, review and enforce compliance within Tech Policies and Standards as required within Business Unit
- Ensure emerging risks are identified and escalated appropriately and in a timely manner
- Perform GRC requirements within third party framework
- Support Product owners in the management of their project risks, ensuring risk identification process is embedded and operational
- Ensure awareness of Computer Security Incident Response (CSIR) process and report suspected security breach
- Partner with other TSR GRC and Security staff to deliver a continuous training and education programme to ensure ongoing awareness on new and updated Policies and Standards within their Business Unit.

Governance Risk & Compliance
- Contribute to maintenance of the Business Unit delivery and operational frameworks (Activities, deliverables, roles and responsibilities) and ensure alignment to ITMS
- Monitor deliverable quality, ensure quality standards are being met for products/projects, programmes or operations within their remit, following a risk-based approach, according to ITMS, Smart Controls assessments, local SOPs and projects PQPs
- Contribute to providing Project Quality assurance oversight depending on the specific project risk profile, including specific assurance reviews as requested by stakeholders
- Ensure Business Unit activities align with Regulatory requirements and liaise with Business Quality Groups to contribute to the overall GxP validation or Sox status of the business facing application systems or services.
- Contribute to ensuring Business Unit is keeping up with regulatory and legal requirements through a pro-active knowledge management programme
- Contribute to ensuring Sarbanes-Oxley compliance of Business Unit systems and applicable processes
- Quality assurance over the system change control within the Business Unit
- Supporting Product teams to maximise their velocity by right sizing their governance approach

Management Monitoring/Independent Business monitoring (MM/IBM)
- Execute relevant self-inspection programmes within remit through Management monitoring and Independent Business monitoring where required
- Support implementation of relevant Management monitoring programmes in Business Unit for processes not owned by TSR GRC
- Partner with other TSR GRC staff to design a management monitoring and independent business controls monitoring schedule.
- Work with TSR IBM team to plan, execute and report agreed IBM controls monitoring, including controls in-scope for Sarbanes-Oxley, independently from Process owners
- Provide interpretation and results updates at Business Unit RMCB

Audit Support
- Contribute to ensuring Business Unit is ready to host external inspections from regulatory bodies (FDA, EMEA, tax authorities, external (Deloitte) and internal auditors (A&A, GCV, CSQA))
- Support management of overall Business Unit inspection readiness activities and CAPAs in liaison with the business
- Report status on CAPAs to Business Unit RMCB

Information Policy Formation
- Work with the TSR GRC GxP lead/Controls owners and ITMS team to review and approve the policy, standards, procedures, guidance and training for compliance with relevant legislation and GSK Requirements.
- Support reviews of the information systems for compliance with legislation and specify any required changes within their Business Unit
- Support the TSR GRC Director to implement policies, standards and procedures with aligned Tech Business

GRC Consulting
- Support various GRC planned or remediation activities consulting with Tech BU staff to deliver

We are looking for professionals with these skills to achieve our goals. If you have them, we would like to speak to you.
- BSc Information Technology, BSc Business Technology
- 12+ years' experience in a combination of Risk Management, Quality Assurance and Compliance function in a Pharmaceutical environment.
- Demonstrable experience of successfully managing Assurance or operational activities within a Business Unit
- Current knowledge of how ERP solutions support business processes to that business unit
- Strong understanding of the regulatory trends in the Pharmaceutical industry is foundational to success in this role
- Proven management experience of cross functional teams located globally
- Certifications - CIRC or CISA (any of them)
- Proven line management experience in prior roles, if role requires line management
- Awareness of the regulatory trends within the Pharmaceutical industry
- Understanding of ITMS, Smart Controls and how a business unit deploys this methodology
- Experience of operating in an international environment with tact, diplomacy and cultural sensitivity
- Experience in interpreting policies, procedures and processes for ensuring compliance with risk management programs
- Knowledge of Tech Support processes, such as ITIL
- Good knowledge of Software Quality Assurance
- Knowledge of Information security standards (e.g. ISO27001) and Privacy Regulations
- Understanding of Agile, Kanban and Scrum basics
- Learning agility, including participating in #godigital learning and ensuring they keep up to date with GRC and Security trainings
- Good understanding of emerging technology risks e.g. cloud (SaaS, PaaS and IaaS), Automation etc.
- Knowledge of a combination of the following:
  - Cyber - NIST, CSA
  - GxP - FDA, Code of Federal Regulations Title 21 Part 210 (Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of Drugs) & 211 (Current Good Manufacturing Practice for Finished Pharmaceuticals) and MHRA - rules and guidance for pharmaceutical distributors
  - Sox - Sarbanes Oxley Act of 2002
  - Privacy - EDPB guidelines (Data Protection by Design and by Default)

Why GSK

Our values and expectations are at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance and trust, the successful candidate will demonstrate the following capabilities.

Our goal is to be one of the world's most innovative, best performing and trusted healthcare companies. We believe that we all bring something unique to GSK and when we combine our knowledge, experiences and styles together, the impact is incredible. Come join our adventure at GSK where you will be inspired to do your best work for our patients and consumers. A place where you can be you, feel good and keep growing.

Important notice to Employment businesses/Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/agency and GSK. In the absence of such written authorization being obtained, any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way. GlaxoSmithKline does not charge any fee whatsoever for the recruitment process. Please do not make payments to any individuals/entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location, even if they claim that the money is refundable. If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in 'gsk.com', you should disregard the same and inform us by emailing [Confidential Information], so that we can confirm to you if the job is genuine.
