IT Compliance

Location: Hyderabad

I. Risk Management & Compliance:
• Working with stakeholders – own and drive short- and long-term guidance on new/emerging or changing regulations, standards and policies and the applicability of ZTD process and controls to key business events.
• Lead ZTD projects and compliance initiatives representing TRM&C. Provide guidance to ZTD regarding regulatory compliance for projects and ongoing service delivery.
• Supports critical ZTD initiatives such as AI, ZTD Forward, Digital Transformation from a compliance perspective.
• Deliver data-driven perspectives to TRM&C leaders on the overall health of ZTD and TRM&C including progress on achieving the TRM&C strategy, obstacles inhibiting the achievement of the strategy, and considerations for the future strategic direction.
• Identify risk and compliance trends and provide insightful and actionable reports/read-outs.
• Expected to independently develop TRM&C project proposals for ZTD. Capable of supporting multiple compliance related projects and initiatives simultaneously.

II. Compliance Services:
• Risk Management supports in development and maintenance of ZTD Risk Management framework; consolidates a broad view of the internal and external regulatory environment to gain insight on new or increasing regulatory, statutory and policy compliance risk areas; drives short-term and long-term guidance on key risk areas including new regulations and policies.
• Compliance Reporting and Analytics supports in development and maintenance of ZTD compliance metrics and related analytics to assess performance and identify trends in compliance risk posture.
• Process Management supports in development and maintenance ZTD overall process framework; acts as process steward for ZTD risk management & compliance processes and contributes to automation strategies of key TRM&C processes. Continuously work to automate and simplify Digital processes to make it easier to get work done.
• Risks & Controls Management supports in development and maintenance of ZTD aggregated IT (Information Technology) compliance control requirements (e.g., Control Objectives (COB)) and supports with ZTD applicable certification events (PCI (Payment Card Industry), HIPPA and any others).
• Technology Management supports in development and maintenance of technologies to support risk and compliance activities (GRC, TPRM) utilized across Zoetis organization.
• Project Management owns and delivers value driven compliance & TPRM projects for the organization.

III. Third Party Risk Management:
• Providing uptake of TPRM program to the organization.
• Define and manage TPRM Training for ZTD and Business.
• Implement TPRM Governance.
• Operationalize TPRM Framework (services and delivery aspect)
  o Review and Approve of Third-Party Risk Profiles.
  o Review and Approve of Third-Party Risk Assessments, resulting in findings and risk recommendations.
  o Review and Approve of Risks/Findings, escalating risk recommendations to management as needed.
• Collaborate with Procurement (and Supplier Management Office, as needed) in rationalization of Third Parties for Zoetis and develop a framework for preferred third-party inventory.
• Compile quarterly reporting metric and scorecard to ZTD leadership on high risk third parties (with respect to operational deficiencies or business risk).
• Perform periodic monitoring and attestation of Third-Party providers.

IV. Data Protection (Privacy) & Audits & Inspection Support
• Identifying privacy risk pertaining to Third Parties and proposed recommendation to management.
• Identifying security risk pertaining to Third Parties and proposed recommendation to management.
• Quarterly reporting metric and scorecard to ZTD leadership & Privacy Office on high-risk processing of personal information by Third Parties.
• Collaborates with ZTD in audits and inspections readiness activities as well as supports the audits and inspections.
• Assure audit awareness & preparedness of operations and provide coaching/guidance as a compliance expert.

Experience:
• At least 5-8 years of experience in GxP Compliance and computer system validation.
• At least 8-10 years of experience in Information Technology.
• At least 5-8 years of experience in the pharmaceutical or biotech industries supporting IT initiatives.
• Expert in principles, theories, and concepts of regulatory compliance, and of pharmaceutical regulations; including industry knowledge of implementing controls within processes and tools.
• Experience with implementing controls aligned to principles and concepts of regulatory compliance, and of pharmaceutical regulations.
• Experience with SDLC methodologies, include Agile.
• Experience with working through a highly matrixed organization to support and drive key initiatives.
• Excellent stakeholder management skills and organizational skills.
• Demonstrate Project Management Knowledge and skills.
• Actively shares knowledge across multiple functions. May establish a system to share knowledge across the organization by shaping knowledge management processes/systems.
• Be able to take a plan, direct the team and efficiently deliver it.
• Demonstrates a breadth of diverse leadership experiences and capabilities including the ability to influence and collaborate with peers, develop and coach others, oversee, and guide the work of other colleagues to achieve meaningful outcomes and create business impact.
• Excellent customer relationship management skills.
• Highly self-aware, quick to establish trust, with a customer first mind set.