BioSpace · 8 hours ago
Associate Director - Business Risks & Controls - US Consumer
Maximize your interview chances
BiotechnologyCommunities
Comp. & BenefitsNo H1B
Insider Connection @BioSpace
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Create and manage the first line Risk & Controls Assurance Program for the Global Customer Office ensuring a sustainable and disciplined end-to-end control environment and serve as the primary business liaison to second line teams
Establish GCO’s control framework process including the identification, classification and review of the control environment
Proactively monitor and evaluate control effectiveness, define key control indicators, identify gaps, and recommend enhancements to strengthen risk posture
Recognized technical authority for GCO privacy and cyber controls
Support technical, legal and compliance teams in the quality, completeness and accuracy of enterprise control frameworks applied to the GCO organization (ex: NIST and Process, Risk & Control frameworks) for Personal Information including Sensitive Personal Information
Partner with control and process owners to recommend corrective actions and improvements, provide challenge to ensure appropriate escalation in accordance with Issue Management and Escalation policies
Responsible for incident management processes associated with controls
Ensure effective identification, quantification, communication, and management of GCO’s risks, focusing on root cause analysis and resolution recommendations
Develop and maintain robust relationships, becoming a trusted partner with second line teams, technologists, assessment teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
Provide expertise and understanding of regulatory environment and new developments; develop and recommend action plans for initiatives that have regulatory impact
Apply specialized knowledge in particular non-financial risk domains, and broad acumen across facets of all domains including data, privacy, cybersecurity, technology, cloud, operational resiliency, third party and product risk
Coordinate risk and control responsibilities and ensure accountabilities are embedded within the business, including providing training and leading by example
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor's degree or higher preferably in STEM-related field (e.g., Computer Science, Cybersecurity, Engineering, Data Science, or Applied Mathematics)
4+ years of experience in technology risk management and controls governance
Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position.
Preferred
Strong understanding of regulatory compliance requirements, best practices, and industry risk and control frameworks such as NIST CSF, CRI Cyber Profile, CSA Cloud Controls, ISO 27000, COBIT, Basel Operational Risk Principles
Familiarity with global laws and regulations related to technology, cyber and privacy
Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
Excellent leadership, analytical, and problem-solving skills
Demonstrated ability to communicate, translate and simplify complex technical risk and control concepts for non-technical stakeholders to enable clear understanding and informed decision-making
Strong collaborator able to build and maintain strong relationships with agile teams and internal/external stakeholders
High intellectual curiosity with a passion for data privacy and security controls
Experience in highly regulated industries including pharmaceutical, device manufacturer, health or financial services industries
IT-control related certifications (e.g., CISSP, CRISC, CISA, CISM, CIPT, CIPP)
Familiarity with Agile development
Benefits
Company bonus
Company-sponsored 401(k)
Pension
Vacation benefits
Eligibility for medical, dental, vision and prescription drug benefits
Flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts)
Life insurance and death benefits
Certain time off and leave of absence benefits
Well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities)
Company
BioSpace
BioSpace is the leading online community for industry news and careers for life science professionals.
Funding
Current Stage
Growth StageTotal Funding
$10M2000-08-24Series B· $10M
Recent News
Company data provided by crunchbase