About the Role
Location : #L1 Hybrid
The ISC Third Party Risk team within Information Security and Compliance function is responsible for managing the cyber security risk arising out of engaging third party information technology and / or data services, this includes evaluating, assessing and monitoring of third party security programs and ensuring protections for all aspects of third party security landscape for the scope of services. The role will conduct information security assessments of vendors providing services to Novartis, analyze and review independent security audit reports, analyze threat data, security incidents (if any) of the vendor and ensure mitigations actions are recommended
Your Responsibilities Include but are not limited to:
• Information Security Areas and controls (Infrastructure Security, IAM / Access Management, Physical Security, Vulnerability Management, Application Security, Cloud Security, OT Security, Generative AI etc.)
• IT Compliance, Data Privacy / GDPR Compliance and SOX Compliance
• Enterprise Risk Management. Ability to articulate clearly the risk arising out of the gaps / issues identified.
• Very good understanding of NIST, ISO 27001, CIS Benchmarks, SDLC, COBIT standards etc.,
• Previous information technology/security audit/assessment experience preferred.
• Ensure the security process is governed by organizational policies and practices that are consistently applied.
Diversity & Inclusion / EEO
We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.
Role Requirements
• Enforce compliance with the security program in a balanced and consistent manner across the organization.
• Ability to leverage attention to detail and analytical skills,
• Ability to multi-task and work both independently as well as part of an assessment team.
• Ability to plan, execute and document assessment activities following established processes and procedures
• Ability to identify information security gaps of third party environment and articulate the risk arising out of it.
Why Novartis: Our purpose is to reimagine medicine to improve and extend people's lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here: https://www.novartis.com/about/strategy/people-and-culture
You'll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. https://www.novartis.com/careers/benefits-rewards
Commitment to Diversity and Inclusion:
Novartis is committed to building an outstanding, inclusive work environment and diverse teams' representative of the patients and communities we serve.
Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here:
https://talentnetwork.novartis.com/network
No video provider was found to handle the given URL. See the documentation for more information.
Division
Operations
Business Unit
DATA, DIGITAL & IT
Location
India
Site
Hyderabad, AP
Company / Legal Entity
Nov Hltcr Shared Services Ind
Functional Area
Technology Transformation
Job Type
Full Time
Employment Type
Regular
Shift Work
No
zpostcode 
Recruit 
weather 
mreligion 
Yellowpages 
sport 
constellation 
shopping 
name 
game 
directory 
literature 
Word 
tour 
furnish 
Lottery 
tftnews 
lyrics 
News 
digital 
car 
dir 
Edu 
Finance 
