IT Security and Compliance Manager

Location: Miami, FL
Date Posted: 01-29-2018
IT Security and Compliance Manager- Miami, FL

My client is seeking an IT Security/Compliance Manager that will be responsible for leading the IT Compliance initiatives for new and existing systems per current Good Manufacturing Practices (GMP), Good Clinical Practices (GCP), Good Laboratory Practices (GLP), FDA, Sarbanes-Oxley, ICH, HIPAA and any other applicable regulatory guidelines. This position will be expected to have Security Operations as well as IT Compliance background and be an adaptable resource, able to oversee both technical security operations and compliance initiatives. The purpose of Security, Risk and Compliance role is to implement and continuously improve an effective and efficient information security program to ensure that security is embedded in all Information Technology services, processes and systems based on asset critical and business risk. This includes the responsibility to ensure that operational, legal, regulatory and security risks related to IT are assessed and mitigated in a cost effective manner in accordance with the business requirements and Enterprise Architecture.
  1. Provide security operations services, and champion initiatives to mature Threat & Vulnerability Management, Incident Response, Data Privacy and Encryption of data at rest.
  2. Monitor and manage security incidents and breaches and take remedial actions to prevent recurrence.
  3. Evaluate business and IT requests for exceptions to IT Policy and Standards.
  4. Facilitate self-assessment of compliance with Group IT Policies, timely reporting of issues and ensure remedial actions are carried out within agreed timeframes.
Responsible for leading ongoing IT GxP Compliance of IT Systems, Audit Remediation, and SOP authoring initiatives supporting various IT client organization including but not limited to Sales, Manufacturing, Quality, and R&D business units. Provide support to
  1. Ensure Change management, CAPA, Deviations, training ,SOP and IT systems reviews are conducted in accordance with established policies and procedures.
  2. Responsible for performing activities related to qualification, GxP validation and corresponding change management of IT systems. Support Software Validation activities. cCollect and maintain Quality metrics to support IT controls across the entire IT organization and, to support Regulatory Audits and Inspection Readiness. Lead and support Software Validation activities.
  3. Liaise with Legal, Compliance and the Business for review of contract Security clauses and Data Privacy initiatives
  4. Ensures that all activities under the control of this position are consistent with corporate and departmental goals and objectives, and that all resources are utilized in the most effective manner to accomplish tasks within established time schedules, service levels and budgets.
  5. Manages the continuing review of present systems in order to determine level of effectiveness, required modifications and/or replacement in light of corporate needs and requirements.
  6. Implements enterprise solutions and associated hardware for new office locations.
  7. Remains abreast of industry trends and technological changes to enhance business security.
  8. Systematically tracks issues and risks inherent to the project.  Makes sure mitigation strategies are in place.  Reports progress of issue and risk mitigation strategies.
  9. Ensures that project plans and related activities support key organizational business objectives and major deliverables for assigned projects. Oversees the implementation of the new system; develops project plans, prepares and conducts weekly status meetings as well as the allocation of the resources and the establishment of the timeline(s) commitments and the adherence that the timeline is met.
  10. Monitors and maintains the integrity of established TissueTech Information Technology security policies, practices, and procedures. Develops and documents standardized user (internal customer) processes and procedures and "how to" documentation. Develops and supports standards for use of network services including Active Directory group policies. Recommends policies for desktop hardware and software and writes detailed scopes of work for purchases.
  11. Supports critical systems after hours, nights and weekends as needed. Responds to emergencies on a 24/7 basis.
  12. Responsible for the IT departments management of Audit initiatives and remediation.
  13. Documentation of CAPA and NCR action plans, in conjunction with QC team.
  14. Supports on-going validation efforts of current processes for FDA compliance, including Part 11.
  15. Will assist in preparation and response to Federal regulatory agencies audits.
  • Bachelor’s degree preferably in MIS, Computer Science or related technical discipline
  • 5-7 overall years of experience in information security operations, governance, compliance, preferably in a large or Global Organization.
  • Minimum 3-5 years of experience in a security management role or alternatively leading large projects that require managing teams that do not report directly
  • Proven experience supporting Internal and External audits. Experience in the Biotechnology/Pharmaceutical FDA regulated industry to perform activities related to qualification, GxP validation and change management of IT systems is required.
  • Certifications: CISSP, CISM, CISA or similar certification required.
  • Effective in negotiations, interpersonal and partnering skills.  Ability to select the right resources needed to effectively perform the project tasks. Planning skills to evaluate negotiate and prioritize work for these resources effectively so they are managed accordingly to the organizational priority. Conceptualize logical and innovative solutions to solve complex business problems.  Ability to be on call via email, phone and urgent travel needs, when deemed necessary by management, to support enterprise system issues. Team oriented for collaboration across multiple IT areas, and business areas.   Ability to travel up to 10% of overall time to domestic and international locations.
  • Ability to effectively communicate, both orally and in writing. Ability to manage conflicting priorities and customer expectations. Ability to use good judgment, analytical abilities, and effective problem-solving skills. Ability to manage time and workload efficiently, including planning, organizing and following through on a variety of tasks, assignments, projects, and reports, paying close attention to details.
  • Effective team building and motivational skills. Ability to maintain confidentiality. Demonstrated ability to work effectively in a diverse workforce.
  • Roll-up-the-sleeves attitude and a hands-on approach.
  • Strong communication and customer focus skills; ability to work with users and vendors on issues and questions.
  • Ability to communicate effectively to all levels of the organization by providing clear concise communication.
  • Strong collaborative skills; ability to work efficiently with other team members.
Laurie Roth
President/Sr. Consultant
this job portal is powered by CATS