Sr. Manager, Governance Risk and Compliance

Company: GlaxoSmithKline
Location: Philadelphia
Posted on: May 16, 2022

Job Description:

Standort: USA - Pennsylvania - PhiladelphiaDatum: Mar 23 2022As a Sr. Manager, Governance Risk and Compliance, you will be responsible for providing management and day to day support to the TSR - GRC Director for Governance, Risk & Compliance activities across the assigned business unit ensuring that Tech risks & controls from project inception to support within their business unit are identified, prioritized, effectively managed, and monitored. - Additionally this role should work within the business unit to ensure Tech follows the required internal and external compliance standards and delivers a reduction in the overall risk profile for our customers.This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:The role encompasses the following 5 responsibilities :

• Risk Management
• Quality & Compliance (including Operations, Program/Product and Project support)
• IBM/MM monitoring
• Audit Support
• Information Policy Formation
• GRC ConsultingRisk Management
  • Contribute to identification and initiation of Risk mitigation projects to address significant risks impacting a Business unit, using Smart Controls assessments
  • Facilitate risk identification and risk discussions within the business unit, both operational risk, product/project and strategic risk
  • Assist Tech Business Unit management to make risk informed decisions through a comprehensive Risk Dashboard
  • Raise and approve(where necessary) Policy Exceptions and significant Risks through RMS/Archer
  • Input into, review and enforce compliance within Tech Policies and Standards as required within Business Unit
    • Ensure emerging risks are identified and escalated appropriately and in a timely manner
      • Perform GRC requirements within third party framework
      • Support Product owners in the management of their project risks, ensuring risk identification process is embedded and operational
      • Ensure awareness of Computer Security Incident Response (CSIR) process and report suspected security breach
      • Partner with other TSR GRC and Security staff to deliver a continuous training and education program to ensure ongoing awareness on new and updated Policies and Standards within their Business Unit.Governance Risk & Compliance:
        • Contribute to maintenance of the Business Unit delivery and operational frameworks (Activities, deliverables, roles and responsibilities) and ensure alignment to ITMS
        • Monitor deliverable quality, ensure quality standards are being met for products/ projects, programs or operations within their remit, following a risk based approach, according to ITMS, Smart Controls assessments, local SOPs and projects PQPs
        • Contribute to providing Project Quality assurance oversight depending on the specific project risk profile, including specific assurance reviews as requested by stakeholders
        • Ensure Business Unit activities align with Regulatory requirements and liaise with Business Quality Groups to contribute to the overall GxP validation or Sox status of the business facing application systems or services
        • Contribute to ensuring Business Unit is keeping up with regulatory and legal requirements through a pro-active knowledge management program
        • Contribute to ensuring Sarbanes-Oxley compliance of Business Unit systems and applicable processes
        • Quality assurance over the system change control within the Business Unit
        • Supporting Product teams to maximize their velocity by right sizing their governance approachManagement Monitoring/Independent Business monitoring (MM/IBM)
          • Execute relevant self-inspection programs within remit through Management monitoring and Independent Business monitoring where requiredAudit Support
            • Contribute to ensuring Business Unit is ready to host external inspections from regulatory bodies (FDA, EMEA, tax authorities, external (Deloitte) and internal auditors (A&A, GCV,CSQA))
            • Support management of overall Business Unit inspection readiness activities and CAPAs in liaison with the business
            • Report status on CAPA's to Business Unit RMCBInformation Policy Formation
              • Work with the TSR GRC GxP lead/Controls owners and ITMS team to review and approve the policy, standards, procedures, guidance and training for compliance with relevant legislation and GSK Requirements.
              • Support reviews of the information systems for compliance with legislation and specifies any required changes within their Business Unit
              • Support the TSR GRC Director to implement policies, standards and procedures with aligned Tech BusinessGRC Consulting
                • Support various GRC planned or remediation activities consulting with Tech BU staff to deliver
                • Support implementation of relevant Management monitoring programs in Business Unit for processes not owned by TSR GRC
                • Partner with other TSR GRC staff to design a management monitoring and independent business controls monitoring schedule. Work with TSR IBM team to Plan, execute, report agreed IBM controls monitoring, including controls in-scope for Sarbanes-Oxley, independently from Process owners
                • Provide interpretation and results updates at Business Unit RMCBWhy you?Basic Qualifications: We are looking for professionals with these required skills to achieve our goals:
                  • Bachelor's Degree in Information Technology, Business Technology, Computer Science
                  • 7+ years experience in Risk Management, Quality Assurance and Compliance in a pharmaceutical environmentPreferred Qualifications: If you have the following characteristics, it would be a plus:
                    • Master's in Information Security or related field
                    • Certifications in CISA, CISM, CISSP
                    • Experience with GXP, SOX and Data Privacy RegulationsWhy GSK? Our values and expectations -are at the heart of everything we do and form an important part of our culture.These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:
                      • Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigor and risk
                      • Managing individual and team performance.
                      • Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
                      • Implementing change initiatives and leading change.
                      • Sustaining energy and well-being, building resilience in teams.
                      • Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
                      • Developing people and building a talent pipeline.
                      • Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
                      • Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
                      • Budgeting and forecasting, commercial and financial acumen.*LI-GSK*LI-RIf you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US).GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.At GSK, the health and safety of our employees are of paramount importance. As a science-led healthcare company on a mission to get ahead of disease together, we believe that supporting vaccination against COVID-19 is the single best thing we can do in the US to ensure the health and safety of our employees, complementary workers, workplaces, customers, consumers, communities, and the patients we serve. -GSK has made the decision to require all US employees to be fully vaccinated against COVID-19, where allowed by state or local law and where vaccine supply is readily available. The only exceptions to this requirement are employees who are approved for an accommodation for religious, medical or disability-related reasons.Important notice to Employment businesses/ AgenciesGSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting site.

Keywords: GlaxoSmithKline, Philadelphia , Sr. Manager, Governance Risk and Compliance, Executive , Philadelphia, Pennsylvania