Compliance IT System Manager

Position:ComplianceIT Systems Manager

Location: Hyderabad, India (Remote)

Duration: Full Time

Purpose/Summary

TheComplianceIT System Manager is responsible for the lifecycle management ofcomplianceand ethics systems supporting a global pharmaceutical organization. This remote role, delivered through a Managed Services model, focuses on maintaining systems that enable regulatory adherence, transparency reporting, grant management, and workplace investigations. The System Manager ensures these mission-criticalcomplianceplatforms operate reliably, maintain audit trails for regulatory inspection, and support the organization's commitment to ethical business practices in the highly regulated pharmaceutical industry.

Core Responsibilities

• System Lifecycle Management:Oversee the complete lifecycle ofcompliancesystems from requirements gathering through retirement, ensuring alignment with regulatory obligations and organizationalcompliancestrategies
• IT Risk Assessment (ITRA):Conduct regular IT risk assessments specific tocompliancesystems, identifying and implementing appropriate risk controls for data integrity, confidentiality, regulatory adherence, and audit readiness
• Requirements and Design Management:Collaborate withCompliance, Legal, Ethics, HR, Medical Affairs, and IT stakeholders to definecompliancesystem requirements, design solutions, and obtain appropriate approvals
• Vendor/Supplier Management:Manage relationships withcomplianceplatform vendors including IQVIA, Bonterra (CyberGrants), and HR Acuity, encompassing contract negotiations, SLA monitoring, performance reviews, and issue resolution
• Implementation Planning and Execution:Plan and execute system implementations, regulatory updates, and integrations scaled appropriately to complexity, coordinating with multi-functionalcomplianceteams
• Verification and Release Management:Ensure appropriate testing including User Acceptance Testing (UAT) andcompliancevalidation for system changes, managing releases according to change control procedures with emphasis on regulatory impact assessment
• Operational Management:Maintain comprehensive Operations & Maintenance (O&M) documentation, manage user access provisioning forcompliancepersonnel, and coordinate incident response forcompliancesystem issues with sensitivity to regulatory reporting deadlines
• Change and Configuration Management:Manage all system changes through ServiceNow ITSM, Azure DevOps, or similar tools, maintaining accurate configuration records and ensuring change control procedures meet regulatory inspection standards
• Compliance and Security:Ensurecompliancesystems meet pharmaceutical industry regulations (FDA, OIG, EFPIA, state transparency laws), data privacy requirements (GDPR, CCPA), and SOX controls, implementing comprehensive audit trails and electronic signature capabilities per 21 CFR Part 11 where applicable
• Continuous Improvement:Identify opportunities to enhancecompliancesystem efficiency, data quality, and reporting capabilities, conducting periodic evaluations and staying current with evolving transparency regulations across global markets

Systems Portfolio

This role manages threecompliancesystems supporting regulatory transparency, medical affairs grant management, and workplace ethics investigations:

IQVIA Transparency System ITR (Transparency Reporting)

Cloud SaaS Platform | IQVIA | Global TransparencyCompliance

Enterprise cloud platform for capturing, aggregating, and reporting healthcare professional (HCP) and healthcare organization (HCO) spend to meet global transparency disclosure requirements. IQVIA Transparency Reporting is the industry-leading solution with 100+ global implementations, providing end-to-end management of transfers-of-value (TOV) reporting from data ingestion through government submission.

Regulatory Coverage (324 Reports across 48+ Countries):

• US Physician Payments Sunshine Act / Open Payments Program (CMS reporting)
• EFPIA Disclosure Code (European pharmaceutical industry transparency requirements)
• French Sunshine Act (Loi Bertrand), Italian Sunshine, Greek transparency laws
• MedTech Europe Disclosure Code (medical device industry requirements)
• State and local regulations (e.g., Chicago Pharma Rep Disclosure, Vermont, Massachusetts)
• Emerging markets: Brazil (Minas Gerais TOV), Colombia, Argentina, Saudi Arabia, South Korea, Philippines, Australia
• Dutch Registry (Netherlands), Portugal Infarmed, Ontario (Canada) transparency requirements

Key Capabilities:

• Multi-source data ingestion from CRM (Veeva, Salesforce), ERP (SAP), Travel & Expense (Concur), and manual entry portals
• Integration with IQVIA OneKey (global HCP/HCO reference database with 11M+ healthcare professionals)
• Automated data validation, augmentation, and remediation workflows to improve data quality
• Configurable business rules engine to enforce company-specific TOV policies and disclosure thresholds
• Built-in analytics engine (IQVIA Transparency Analytics) with pre-configured dashboards forcompliancemonitoring
• Embedded legal monitoring with automated alerts for new regulatory requirements
• Comprehensive audit trails for regulatory inspection readiness (FDA, OIG, EMA)
• Multi-language support for global reporting requirements
• Automated government submission file generation in jurisdiction-specific formats (XML, CSV, PDF)

Business Context:Transparency reporting is mandatory in the pharmaceutical industry to disclose financial relationships between manufacturers and healthcare professionals. Misreporting carries severe penalties including civil monetary penalties, reputational damage, and exclusion from federal healthcare programs. The system aggregates spend data from numerous sources, applies complex business rules to determine reportability, and generates submissions meeting jurisdiction-specific technical requirements. ITR's dedicated legal team tracks 320+ reports and 40+ industry codes, automatically updating system configurations as regulations evolve. System uptime during critical reporting windows (typically annual submissions with quarterly updates) is mission-critical.

ComplianceCertifications:SOC 1/2 Type II, ISO 27001/27017/27018, GDPR/CCPA compliant, supports SOX controls for financial reporting accuracy.

CyberGrants (Medical Affairs Grant Management)

Cloud SaaS Platform | Bonterra (formerly CyberGrants) | Life Sciences Grant Programs

Enterprise grants management platform purpose-built for pharmaceutical and medical device companies to manage Medical Education grants, Expanded Access Programs, and Investigator-Initiated Research grants. CyberGrants for Life Sciences is trusted by global pharmaceutical leaders including Pfizer, AstraZeneca, Novartis, and Merck, providing end-to-end grant lifecycle management from application intake through disbursement and post-award reporting.

Grant Program Types:

• Independent Medical Education (IME):Funding for development, delivery, and evaluation of educational programs for healthcare providers including conferences, online education, and workshops supporting disease management and patient safety initiatives
• Research Grants:Pharmaceutical products and/or funding to support Investigator-Initiated Trials (IITs) and research studies advancing scientific knowledge, treatment improvements, and healthcare quality
• Expanded Access Programs (EAP):Non-commercially approved pharmaceutical products for patients with life-threatening illnesses who have exhausted approved treatment options (also known as Early Access, Compassionate Access, or Managed Access programs)
• Event Sponsorships:Support for medical conferences, symposia, and professional association activities
• Charitable Donations:Corporate philanthropy supporting patient advocacy organizations, disease foundations, and healthcare access initiatives

Key Capabilities:

• Online application portals for healthcare providers, investigators, and nonprofit organizations
• Flexible, rule-based workflow engine for multi-level approval routing with configurable decision criteria
• Integration with OIG Exclusions List, FDA Debarment List, and other watchlists for automatedcompliancescreening
• Accounts Payable system integration for automated grant disbursement (system of record for medical affairs payments)
• Product-specific approval workflows for Expanded Access Programs (each drug may have unique approval requirements)
• Built-in communication tools for grantee correspondence and milestone tracking
• Post-award reporting with deliverable tracking, budget monitoring, and outcomes measurement
• Comprehensive audit trails and reporting for regulatory inspection readiness
• Impact reporting capabilities for demonstrating medical education effectiveness and research outcomes

Business Context:Medical affairs grant programs support legitimate scientific education and research while navigating complex anti-kickback regulations. Grant decisions must be based on scientific merit rather than business considerations, with thorough documentation demonstrating fair market value and independence from commercial influence. The system enforces separation between grant review and commercial operations, maintains complete audit trails for OIGcompliance, and ensures watchlist screening prevents grants to excluded individuals. Expanded Access Programs require rapid response for critically ill patients while maintaining rigorous approval protocols. Integration with transparency reporting systems ensures all medical affairs grants are properly disclosed to regulatory authorities.

Regulatory Considerations:OIGComplianceProgram Guidance for Pharmaceutical Manufacturers, FDA regulations for Expanded Access (21 CFR 312.320), Anti-Kickback Statutecompliance, PhRMA Code on Interactions with Healthcare Professionals, transparency reporting requirements for all grant payments.

HR Acuity (Employee Relations Case Management)

Cloud SaaS Platform | HR Acuity | Workplace Investigations & Ethics

Purpose-built employee relations case management and workplace investigations platform trusted by hundreds of leading organizations including Workday, Bloomberg, and Lyft. HR Acuity provides centralized, secure infrastructure for documenting, investigating, and analyzing employee relations issues from harassment and discrimination through policy violations and workplace safety concerns. The platform combines decades of employee relations expertise with AI-powered analytics (olivER) and structured investigation methodologies to ensure consistent, compliant, and defensible workplace investigations.

Core Functionality:

• Case Intake & Reporting (Speakful):Multi-channel employee reporting including AI-powered intake, live agents, and web portals available in 35+ languages across 50+ countries, supporting both named and anonymous reporting
• Case Management:Centralized tracking system for all employee relations issues with customizable categorization (harassment, discrimination, retaliation, workplace violence, policy violations, performance issues, etc.)
• Investigation Management:Proprietary three-step investigation methodology (Plan, Investigate, Determine) with built-in best practices, configurable interview templates, and guided workflows ensuring consistency across global investigation teams
• olivER (Defensible AI):AI assistant trained on 20+ years of employee relations insights providing case summaries, trend identification, interview question suggestions, and benchmarking without drawing conclusions (designed to enhance, not replace, human judgment)
• managER (People Leader Tools):Empowers managers to handle everyday employee issues with access to company policies, triage guidance, real-time coaching, and employee history for consistent documentation
• Analytics & Insights:Real-time dashboards identifying trends, hotspots, and patterns across geography, business units, and issue types enabling proactive intervention before escalation
• Aftercare Management:Post-resolution task sets and reminders ensuring appropriate follow-up with affected employees to demonstrate care and accountability
• Document Generation:Automatically generated case reports with standardized, court-ready documentation; integrated letter templates for consistent communication

Security &ComplianceFeatures:

• Encrypted platform with tamper-proof audit trails and detailed access logs
• Role-based permission controls with ability to protect attorney-client privilege
• Secure handoffs to decision-makers with confidentiality controls to prevent retaliation
• Multi-language support for global investigations
• Integration capabilities with HRIS systems for employee data synchronization

Business Context:Effective workplace investigations are critical for pharmaceutical organizations facing heightened scrutiny around workplace culture, DEI initiatives, and employee wellbeing. Inconsistent investigation processes create legal liability, erode employee trust, and expose organizations to discrimination claims, retaliation lawsuits, and regulatory penalties. HR Acuity standardizes investigation methodology globally, provides real-time visibility into emerging hotspots (e.g., specific managers, locations, or behaviors), and generates defensible documentation for EEOC charges, litigation defense, and regulatory inquiries. The analytics capabilities enable proactive culture management by identifying concerning patterns before they escalate to legal claims or public relations crises. For pharmaceutical companies, workplace ethics andcomplianceare inseparable from product integrity and patient safety.

Regulatory Alignment:EEOCcompliance, Title VII investigations, SOX whistleblower protections, state and local anti-discrimination laws, GDPR data privacy for global investigations, supports FDA OCI (Office of Criminal Investigations) readiness for pharmaceuticalcompliancematters.

Key Tasks

• Monitor regulatory landscape for transparency reporting changes across 48+ countries and ensure timely IQVIA ITR system updates
• Coordinate annual and quarterly transparency reporting cycles, ensuring data quality and on-time government submissions
• Manage CyberGrants workflow configurations for medical education, expanded access, and research grant programs
• Implement and maintain OIG/FDA watchlist integration for automatedcompliancescreening in grant applications
• Support HR Acuity investigation workflows, ensuring consistent global investigation methodology and documentation standards
• Troubleshoot data integration issues betweencompliancesystems and upstream sources (CRM, ERP, HRIS, T&E)
• Generatecompliancedashboards and analytics for leadership visibility into transparency spend, grant program activity, and workplace investigation trends
• Maintain comprehensive system documentation for regulatory inspection readiness (FDA, OIG, EEOC, state regulators)
• Coordinate user training oncompliancesystem features and regulatory requirements
• Support internal and external audits by providing system access, data extracts, and audit trail documentation
• Evaluate emergingcompliancetechnologies and recommend system enhancements to improve efficiency and regulatory coverage

Required Skills and Experience

• 5-8 years of experience managing business-critical IT systems in enterprise or highly regulated environments, preferably with exposure tocompliance, legal, or ethics systems
• Strong understanding of pharmaceutical industrycompliancerequirements including transparency reporting, anti-kickback regulations, and workplace ethics investigations
• Experience with SaaS/cloud platforms and vendor management for enterprise software solutions
• Demonstrated ability to manage complex data integrations between multiple systems (CRM, ERP, HRIS, T&E platforms)
• Knowledge of IT risk management principles and information security best practices, particularly as applied to sensitivecompliancedata
• Proficiency with ITSM tools (ServiceNow strongly preferred) and Application Lifecycle Management platforms (Azure DevOps, GitHub, Jira)
• Excellent stakeholder engagement skills with ability to collaborate acrossCompliance, Legal, Ethics, HR, Medical Affairs, IT Security, and Finance
• Strong written and verbal communication skills in English, with ability to explain technical concepts tocomplianceprofessionals and vice versa
• Analytical mindset with ability to interpret regulatory requirements and translate them into system configurations
• Ability to work independently in a remote environment with reliable internet connectivity, while coordinating effectively with US East Coast time zones (EST/EDT)

Desirable Qualifications

• Bachelor's degree in Information Technology, Computer Science, Business Information Systems, or related field
• Professional certifications such as ITIL Foundation, PMP, CISSP, CertifiedCompliance& Ethics Professional (CCEP), or vendor-specific certifications (IQVIA, Bonterra, HR Acuity)
• Direct experience with IQVIA Transparency Reporting, CyberGrants/Bonterra, or HR Acuity platforms
• Knowledge of pharmaceuticalcomplianceregulations: US Sunshine Act/Open Payments, EFPIA Disclosure Code, OIGComplianceProgram Guidance, FDA Expanded Access regulations, Anti-Kickback Statute, PhRMA Code
• Familiarity with CRM platforms (Veeva, Salesforce), ERP systems (SAP, Oracle), Travel & Expense systems (Concur), and HRIS platforms (Workday, SAP SuccessFactors)
• Understanding of data privacy regulations (GDPR, CCPA, HIPAA) as they apply tocompliancedata and workplace investigations
• Experience supporting regulatory audits and inspections (FDA, OIG, state transparency agencies, EEOC)
• Knowledge of SOX controls for financial reporting systems
• Experience with 21 CFR Part 11compliancerequirements for electronic records and signatures
• Scripting or programming skills (SQL, Python, PowerShell) for data analysis and automation ofcompliancereporting tasks

KEY INTERFACES

Internal Stakeholders:

• Complianceand Ethics teams (transparency reporting operations, grantcomplianceoversight, ethics hotline management)
• Legal and Regulatory Affairs (regulatory interpretation, audit support, legal hold requirements)
• Medical Affairs (grant program management, medical educationcompliance, Expanded Access Programs)
• Human Resources and Employee Relations (workplace investigations, case management, diversity & inclusion)
• Finance and Accounts Payable (grant disbursements, TOV data validation, SOX controls)
• Commercial Operations (CRM data governance for transparency reporting, HCP master data)
• IT Security and Data Privacy (access controls, data classification, privacy impact assessments)
• Quality Assurance (system validation, audit trail review, change control approval)
• Internal Audit (SOX testing,compliancesystem audits, control documentation)

External Vendors:

• IQVIA (Transparency Reporting platform vendor,complianceadvisory services)
• Bonterra (CyberGrants platform vendor, grant management advisory)
• HR Acuity (employee relations platform vendor, investigation methodology experts)
• Regulatory agencies (CMS Open Payments, EFPIA, state transparency offices, FDA, OIG, EEOC)