
Assoc. Director DDIT ISC BISE IES

Novartis

5 - 10 years

Hyderabad

Posted: 01/08/2025

Job Description

Summary

To lead and drive the implementation and continuous improvement of information security compliance initiatives across the organization. This role ensures alignment with global regulatory frameworks and internal policies, while proactively managing risk and audit readiness.

About the Role

Key Responsibilities

Information Security Compliance & Governance

  • Lead the design, implementation, and monitoring of security compliance programs aligned with HIPAA, SOX, NIST, CSA, and other relevant frameworks.
  • Ensure adherence to internal ISRM (Information Security Risk Management) policies and procedures.
  • Maintain up-to-date documentation and evidence for audits and regulatory inspections.

Risk Management & Audit Coordination

  • Own the end-to-end lifecycle of security risk assessments, including identification, evaluation, mitigation planning, and tracking.
  • Coordinate internal and external audits, ensuring timely and accurate responses to findings.
  • Develop and maintain risk registers and dashboards for leadership visibility.

Technical Security Oversight

  • Provide subject matter expertise on security controls related to:
      • Firewalls and network segmentation
      • Windows end-user systems and SCCM configurations
      • Active Directory security and access management
      • Vulnerability management tools and remediation workflows
  • Collaborate with IT infrastructure and endpoint teams to ensure secure configurations and patch compliance.

Metrics, Reporting & Continuous Improvement

  • Define and track key performance indicators (KPIs) and control effectiveness metrics.
  • Lead gap and vulnerability forums, driving remediation actions with stakeholders.
  • Recommend and implement enhancements to compliance monitoring tools and processes.

Stakeholder Engagement & Training

  • Act as a trusted advisor to business and IT teams on compliance and risk topics.
  • Deliver training and awareness sessions on security policies, audit readiness, and risk mitigation strategies.
  • Represent the function in cross-functional governance forums and risk committees.

Required Skills & Experience

Mandatory

  • Proven experience in Information Security Compliance, Risk Management, and Audit Readiness.
  • Deep understanding of regulatory frameworks: HIPAA, SOX, NIST, CSA.
  • Strong technical knowledge of firewalls, networks, SCCM, Windows systems, and Active Directory.
  • Hands-on experience with vulnerability management processes.

Preferred

  • Experience in a regulated industry (e.g., pharma, healthcare, finance).
  • Familiarity with ISRM tools and GRC platforms.
  • Certifications such as CISA, CISM, CISSP, or CRISC.

Total Relevant Experience

13–16 years of progressive experience in Information Security, Compliance, Risk Management, or related domains, with a proven track record of leading cross-functional initiatives and audit programs in complex enterprise environments.

You’ll receive: You can find everything you need to know about our benefits and rewards in the Novartis Life Handbook. https://www.novartis.com/careers/benefits-rewards

Commitment to Diversity and Inclusion: 
Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Accessibility and accommodation 
Novartis is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to perform the essential functions of a position, please send an e-mail to diversityandincl.india@novartis.com and let us know the nature of your request and your contact information. Please include the job requisition number in your message.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here: 
https://talentnetwork.novartis.com/network

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards

About Company

Novartis is a leading global healthcare company headquartered in Basel, Switzerland. It specializes in the research, development, manufacturing, and marketing of innovative pharmaceuticals. Formed in 1996 through the merger of Ciba-Geigy and Sandoz, Novartis focuses on areas such as oncology, neuroscience, immunology, cardiovascular diseases, and gene therapies. With a strong commitment to scientific innovation, Novartis invests heavily in R&D and collaborates with biotech companies and academic institutions worldwide. The company operates in over 140 countries and serves millions of patients globally. Novartis is also known for its efforts in access to medicine, using programs like Novartis Access and Novartis Foundation to support underserved populations.
