
Director, IT Compliance

  • Location: Somerset, NJ
  • Start Date: 1/13/2020
  • Job ID: 20-00019
  • Posting Date: 1/13/2020
  • Job Type: Direct Placement
This position is responsible for leading the Information Security (InfoSec) and Compliance portfolio. The role involves performing activities in support of creating and maintaining systems compliance such as GxP (Good X Practices), HIPAA, Privacy, SOX, Information Security controls and other contractual compliance requirements.

Develop, maintain and enhance the risk and security management plan and provide periodic updates to management and business leaders on information risk and security compliance.
Lead the implementation of contractual compliance requirements including GxP, HIPAA, Information Security, SOX and Privacy controls.
Ensure all IT systems, policies and procedures fully comply with applicable regulations and the master service agreement signed for the client engagement. Develop and monitor security & quality metrics; track CAPAs.
Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the privacy, security or integrity of sensitive information. Review security exceptions for the engagement and identify risks.
Collaborate directly with internal and client senior management for all things related to InfoSec solution development, assessment and implementation.
Prepare and implement effective security and quality compliance SOPs and training for employees to ensure that any changes in regulations are applied and communicated in a timely manner.
Represent the company during client and FDA audits and customer visits for Information Security and GxP Compliance Assessments.
Conduct periodic internal and vendor InfoSec and GxP compliance audits; prepare reviews, reports and reconciliation.
Lead the effort to create, manage, and maintain CSV (Computer Systems Validation) of the servers which fall under GxP regulatory requirements. Develop and maintain IT GxP compliance and infrastructure documentation.
Develop and establish quality assurance standards and measures for the information technology services within the organization.
Assure compliance with GxP (cGMP, GCP, GLP) and HIPAA requirements.
Track the creation of, review and approve Validation Test Plan (VTP), Validation Summary Report (VSR), Installation Qualifications (IQ), Operational Qualifications (OQ) and Performance Qualifications (PQ) and other GxP documents.
Prepare Validation package per policy and procedure to support the validation of an application/system for Go-Live per SDLC, CSV, Annex 11, FDA 21 CFR Part 11, and GxP (GCP/GMP/GLP) standards.

The above duties are meant to be representative of the position and not all-inclusive.

Bachelor's degree in Computer Science or equivalent certification is required.
Minimum 5 years of experience in information security (InfoSec), preferably in the Life Sciences field.
Minimum 5 years of experience in FDA GxP, HIPAA and security controls implementation and monitoring.
Security certifications desired such as CISA, CISSP, CISM, CRISC.
In-depth understanding of network and system security technology and practices across all major computing areas (servers, networks, client/server, etc.).
Ability to interact with all levels of management.
Minimum 5 years of experience in implementing and auditing quality and CSV in GxP environment.
Excellent knowledge of cGMPs, FDA and EMEA guidelines including 21 CFR Part 11.
Deep insight into best-practice standards such as ISO 27001, SOC and NIST is required.

Excellent organizational, verbal and written communication skills.
People management experience preferred.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Posted by Matthew Lemay