This site uses cookies. To find out more, see our Cookies Policy

Senior Information Security Analyst (R1023375) in Warsaw, PL at IQVIA™

Date Posted: 5/9/2019

Job Snapshot

Job Description

Join us on our exciting journey! IQVIA™ is The Human Data Science Company™, focused on using data and science to help healthcare clients find better solutions for their patients. Formed through the merger of IMS Health and Quintiles, IQVIA offers a broad range of solutions that harness advances in healthcare information, technology, analytics and human ingenuity to drive healthcare forward.

This is a key Compliance role within the global Information Security organization.  The individual fulfilling this role will partner closely with IT professionals both within the core CIO organization and those in the Global Business Units developing and supporting technology solutions used throughout our industry. The Compliance Analyst will ensure that IQVIA technology solutions and the underlying environments they run on adhere to the corporate Information Security control framework as well as globally recognized security standards and country regulations.

To support these objectives, responsibilities of the Compliance Analyst may include maintaining and expanding the online compliance resource library, aligning security control to authoritative sources such as ISO 27001 and HITRUST, tracking remediation of open audit findings and quality issues, verifying staff training and qualification, and monitoring the accuracy of the application portfolio. This work will include designing and running various reports, coordinating the activity of accountable stakeholders, and tracking follow-up.  In general, the Compliance Analyst will serve as an expert in the security controls and processes that support and enforce regulations, guidelines, policies and procedures, and supporting management in promoting and assessing compliance.

RESPONSIBILITIES

  • Managing a portfolio of tasks as part of the delivery of the ongoing global Information Security Compliance program
  • Managing and providing support to customer audits on IQVIA IT systems and technology product offerings as well as hosting third-party audits required to maintain certifications
  • Developing, implementing, and monitoring compliance with internal security policies and procedures defined in the IQVIA Integrated Information Framework
  • Managing or supporting as necessary deployment, management, and maintenance of information security safeguards and their associated software related to compliance requirements
  • Assisting with planning, implementation and maintenance of system security administration and user access including appropriate segregation of duties based on compliance requirements
  • Providing support and coordination for annual testing of internal controls over financial reporting for Sarbanes-Oxley as applicable to IQVIA infrastructure and systems, including coordination of control owners’ remediation plans
  • Providing support and coordination for regular Service Organization Controls (SOC) audits conducted in accordance to ISAE3402 and SSAE16 professional standards
  • Providing support and coordination to audit and other assessment activities pertaining to regulatory frameworks related to security of healthcare information such as HIPAA, EU GDPR, Japan PrivacyMark and/or other applicable regional frameworks
  • Providing support and coordination to audit and other assessment activities pertaining to obtaining or ongoing maintenance or information security certification regimes such as ISO27001 or equivalent
  • Monitoring progress of remedial actions to ensure both regulatory issues and compliance-related information security issues are resolved and are closed in a timely manner with the root cause identified, delivering a sustainable solution
  • Assisting with executing an appropriate monitoring program including but not limited to: sample collateral checks of control design, sample review of control operation, review of relevant compliance metrics, and issue analysis
  • Managing and supporting investigation and resolution activities related to information security compliance incidents
  • Engaging with and managing activities of third-party specialist service providers where necessary to support information security compliance related activities, including carrying out of special reviews, assessments and investigations
  • Reporting regularly to management on the status of assigned activities including issues, risks and remediation actions
  • Cooperating with other organizational teams in compliance activities, including internal and external audits

 All responsibilities are essential job functions unless noted as nonessential (N).

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES

  • Candidates should possess an Associates or Bachelor's degree, and preferably have experience within a regulated industry environment
  • Knowledge of IT processes (SDLC, ITIL) supporting pharmaceutical research and development processes in a regulated environments
  • Excellent written and verbal communication skills
  • Effective organization and time management skills
  • Ability to write with purpose, clarity and accuracy
  • Ability to work both within a team environment and independently to initiate and prioritize tasks
  • Ability to establish and maintain effective working relationships with coworkers and management in a global environment
  • Skilled with word-processing, spreadsheet, and presentation applications
  • SharePoint experience

MINIMUM REQUIRED EDUCATION AND EXPERIENCE

  • Candidate should have a minimum of 5 years IT compliance experience, strong communication and interpersonal skills; or equivalent combination of education, training and experience
  • CISA, CISM, CRISC, or CISSP certification a plus

PHYSICAL REQUIREMENTS

  • Extensive use of telephone and face-to-face communication requiring accurate perception of speech
  • Extensive use of keyboard and mouse requiring repetitive motion of fingers and wrists
  • Regular sitting for extended periods of time
  • There is the potential for some travel (up to 15%)

We know that meaningful results require not only the right approach but also the right people. Regardless of your role, we invite you to reimagine healthcare with us. You will have the opportunity to play an important part in helping our clients drive healthcare forward and ultimately improve human health outcomes. Whatever your career goals, we are here to ensure you get there! We invite you to join IQVIA™



Job ID: R1023375