Information Technology Risk Management and Security has become an essential component of the current IT enterprise that provides IT & Automation support to the Pharmaceutical Research, Supply Chain and Marketing organizations.
Increased risks in both the information security (e.g. cyber threats, malware, etc.) and the regulated areas have required that staff possessing such skills is fully embedded within the IT organization.
The enterprise is now dependent on these security and compliance experts for identifying, escalating and remediating such IT Risks in a timely and efficient manner.
Also, emerging technologies like cloud, mobility and data analytics require strong IT Risk and Compliance early involvement.
We are seeking energetic, forward thinking professionals to join our Information Technology group in Prague as an IT Risk Management Lead.
This position will act as the primary contact, in the EMEA region for IT Risk Management topics.
You will have the opportunity to work on global teams to identify the biggest opportunities as well as tackle the biggest challenges at the intersection of healthcare, information and technology with a focus on cyber security.
Primary activities / responsibilities
Manage a small team of IT Risk Management professionals in Prague to ensure alignment with the global strategy.
Perform IT risk advisory and assessments for company stakeholders, their vendors and other 3rd party collaborators. This includes working with the IT organization and peer risk organizations (e.
g. Privacy, Physical Security, Supplier Management and Human Resources) to identify IT Risks globally and to provide consultative services to assess and prioritize those risks.
Ensure compliance with corporate information security policies and other industry standards.
Partner with global IT Risk Management and Security functions to perform IT security risk identification, prioritization and mitigation- treatment.
Contribute to enterprise-wide risk mitigation programs, processes and technologies focusing effort on identification of the highest risks.
Serves as an expert on IT Security and Compliance policies. Maintains current state awareness and understanding of internal and industry practices relative to IT security & compliance.
Knowledgeable of evolving trends, industry citations, etc.
Elevate IT security awareness in general and targeted audience within the organisation, service providers and other vendors
Required experience and skills :
The candidate must possess strong leadership qualities and work well in a highly diverse environment.
The candidate is expected to have excellent collaboration skills, communication, and conflict resolution skills. They must have proven ability to build strong working relationships within their organization and external to their organization.
The candidate must be self-motivated and act as an effective mentor for staff members
Familiarity with information security processes, solutions and products.
Solid technical understanding of IT, passion for problem solving and a desire to learn.
The candidate must be able to adapt and rapidly learn new technologies / technical concepts.
Technical knowledge and understanding of SDLC and GxP principles.
Experience in performing IT Risk Identification, Assessments, Treatment, Prioritization and advisory
Relevant professional certifications are desired, such as CRISC, CISA, CISM
Current Employees apply
Current Contingent Workers apply
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Kenilworth, NJ, USA, also known as Merck Sharp & Dohme Corp., Kenilworth, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities.
All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.
No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place.
Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status : Regular
Relocation : No relocation
VISA Sponsorship :
Travel Requirements :
Flexible Work Arrangements :
Valid Driving License :
Hazardous Material(s) :