IT Audit Specialist

Position Summary:

We are seeking an experienced and dynamic Specialist in IT Risk, Audit, and Compliance to join our global Informatics community — a team of smart, engaged professionals from diverse functional backgrounds. Guided by our core values of passion, courage, integrity, and gratitude, you will play a pivotal role in ensuring our products, systems, and processes remain secure, compliant, and aligned with evolving regulations and best practices.

This position requires a unique combination of regulatory expertise, technical acumen, stakeholder management, and a collaborative mindset. You will lead and advise on compliance frameworks, risk management, and audit processes, while fostering a culture of innovation and continuous improvement.

Key Responsibilities:

• Act as the liaison between audit host managers, subject matter experts, auditors, and senior stakeholders to ensure audit actions and remediations are effectively documented, tracked, and completed.
• Partner with cross-functional global teams and external collaborators to identify needs, align expectations, and maintain a collaborative environment across multiple concurrent projects.
• Drive process improvement by streamlining existing procedures and encouraging creativity, experimentation, and innovation in compliance practices.
• Manage relationships with business partners, functional leaders, and subject matter experts, ensuring alignment on priorities and expectations.
• Analyze both internal and external organizational structures to assess security, compliance, and operational risks (e.g., internal teams vs. external partners collaborating on shared systems).
• Maintain current knowledge of global health authority governance and regulations, including but not limited to:
• Data Privacy & Security: EU GDPR, CCPA, HIPAA
• Medical Device & Pharma Regulations: MDR, 21 CFR Part 11, ISO 13485, ISO 14971
• Risk & Quality Standards: ISO 19011, ISO/IEC 27001, ISO 31000, ISO 42001, ICH Q9, ICH Q10
• Frameworks: NIST RMF, COSO, COBIT, ISACA Audit & Risk Programs

Ideal Candidate Profile:

• Proven ability to navigate complexity in a large, global organization.
• Track record as a problem solver and change leader, capable of addressing high-impact challenges.
• Skilled in relationship building and influencing stakeholders at all organizational levels.
• Pragmatic, big-picture thinker who can connect technical detail with business outcomes.
• Strong security background with practical experience in information security and security frameworks.
• Ability to assess risks in both internal corporate structures and external vendor/partner organizations.
• Experience using and managing workflows in ServiceNow.

Qualifications & Experience:

• Bachelor’s degree in Life Sciences, Informatics, Quality, or related field (Master’s degree or post-graduate studies preferred).
• 5+ years of relevant experience, with domain expertise in pharmaceutical industry internal and external audit management.
• Professional certifications highly desirable, such as:
• Audit & Risk: CISA, CIA, CRISC, ISO 31000 Risk Manager, ISO/IEC 27001 Lead Auditor
• Privacy & Security: IAPP (CIPP/E, CIPP/A), CISSP
• Strong understanding of security, privacy, ISO 27001, and compliance audit requirements.
• Knowledge of computerized system validation processes and third-party software/service provider compliance in regulated industries.
• Excellent communication skills, with the ability to convey complex topics clearly to executive stakeholders.
• Experience with security frameworks and governance processes across multiple organizational levels.
• Demonstrated leadership in cross-functional environments and ability to deliver innovative solutions to complex business problems.
• Proven problem-solving, decision-making, and customer-focused approach.
• Ability to rapidly learn business priorities in unfamiliar or ambiguous contexts.
• Evidence of adopting and applying innovative methodologies to compliance and risk management.