Novartis Pharmaceuticals INFORMATION SECURITY MANAGER in Fort Worth, Texas

Job ID 198438BR


Division NBS

Business Unit IT NBS

Country USA

Work Location Fort Worth, TX

Company/Legal Entity Novartis Corporation

Functional Area Information Technology

Job Type Full Time

Employment Type Regular

Job Description Information Security Manager

Position Purpose

The IGM Manager ensures activities to design, develop and implement IT infrastructure services are continuously maturing and satisfy the requirements of the organization and the business. The role expects planning and execution of following baseline role including quality, security and maturation are carried out according to all laws, regulatory requirements, and internal policies applicable. Oversee and evaluate change initiatives in the IS organization are delivering sustainable solutions from compliance and security perspective. Challenge and influence where risks per the executing the roles as applicable could lead to (Governance, Security Risk or Compliance) GRC issues in future.

IGM Manager Baseline Role: Systematically ensures implementation and monitoring of IGM activities to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the Novartis Organization. Defines the process strategy. Quality Manager: The Quality Manager systematically ensures that all the activities necessary to design, develop, deploy, operate and retire IT services satisfy IGM requirements.

Major Accountabilities

Project and Operations Quality Manager:

• Supports the project throughout project delivery by ensuring project compliance with IGM requirements. Information Lifecycle Manager:

• The Information Lifecycle Manager assumes responsibility for the optimal design, delivery and deployment of processes, practices and other activities to ensure security of information throughout its lifecycle.

IT Service Continuity (ITSC) Manager:

• The IT Service Continuity Manager assumes responsibility for the optimal design, delivery and deployment of IT Systems, processes and practices to ensure IT Service Continuity including Disaster Recovery (DR).

IGM Controls Assessor:

• The IGM Controls Assessor evaluates the maturity of IGM controls. SOX IT Coordinator: Ensures compliance of information systems with Sarbanes-Oxley IT requirements.

Information Risk Manager:

• The Information Risk Manager is responsible for managing information risks (threats, vulnerabilities, impact) in the assigned Novartis Organization.

• This includes identifying threats to information and evaluating how vulnerable information is to threats.

Process Owner:

• For IGM owned Processes. Sponsors, designs and manages change to the process and its metrics. Process Manager:

• Responsible for the operational management of a process.

• The Process Manager's responsibilities include planning and coordination of all activities required to carry out, monitor and report on the process. Resource Manager:

• The Resource Manager receives the Demand, ensures available Capacity for the demand, and ensures up to date Resource Management Database and Resource Management Process.

• Ability to influence in geographically spread environment.

• Learning agility to understand and operate in matrix environment of projects/operations and IGM organization

• Information risk and compliance status proactively monitored and improved to ensure reduction of critical audit findings.

• Be personally accepted by business management. •Quality of relationships with business partners, e.g. account management and within service management teams.

EEO Statement

The Novartis Group of Companies are Equal Opportunity Employers and take pride in maintaining a diverse environment. We do not discriminate in recruitment, hiring, training, promotion or any other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, marital or veteran status, disability, or any other legally protected status.

Minimum requirements


Higher education, such as a degree in information technology (IT) and/or relevant business education. ITIL Certification and ISACA Certification.


•Master’s degree. ISO 9001 Cert

•10+ years of working experience in IT and/or risk management (preferably in management positions). •Excellent understanding and knowledge of general IT, project management and compliance domains. •Demonstrated leadership skills with the ability to manage geographically or functionally dispersed teams. •Working experience with a broad range of information security, data protection, quality standards and best practices, such as ISO 27000, ISO 9001, CobiT, GxP/CSV, and ITIL.

•Fluency (oral and written) in English, other languages an asset. Key Performance Indicators Education Experience