IT Resilience, Audit and Risk Specialist

Roche

Petaling Jaya

On-site

MYR 100,000 - 130,000

Full time

8 days ago

Job summary

A leading company in healthcare is seeking a Specialist in IT Risk, Audit and Compliance to lead compliance efforts across IT systems. This role demands expertise in regulatory requirements, exceptional communication skills, and the ability to influence stakeholders while fostering innovation and compliance within a collaborative environment.

Qualifications

  • 5+ years experience in internal/external audit management.
  • Strong knowledge of GxP regulations and industry standards.
  • Ability to communicate findings clearly and effectively.

Responsibilities

  • Conduct internal reviews and ensure compliance with regulations.
  • Communicate results through reports and presentations.
  • Manage stakeholders effectively across various functions.

Skills

Compliance Management
Stakeholder Management
Risk Assessment
Project Management
Communication

Education

Bachelor’s degree in Life Science, Informatics, or Quality
Master’s degree or post-graduate coursework

Job description

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

Are you a compliance expert with a solid background in IT security, data privacy, quality compliance and regulatory requirements—particularly within agency-governed environments? Are you looking for a challenging, innovative, fun and collaborative workspace where you can grow your expertise while making an impact? If so, the Security, Quality, and Compliance Chapter wants to hear from you!

As a Specialist in IT Risk, Audit and Compliance, you will be an integral part of our diverse Informatics community of smart, fun, wholehearted, and engaged professionals spanning diverse functional areas. You will share our community values of passion, courage, integrity, and gratitude -- all in service of our mission, “doing now what patients need next.”

Your primary accountability is to provide expert guidance in ensuring that our IT systems and processes are compliant and aligned with applicable regulations, GxP validation methodology, SDLC, and up-to-date process controls, and that risks are being managed prudently. By being deeply engaged with our stakeholders, including but not limited to business partners, quality, procurement, and security professionals, you will demonstrate an expert understanding of GxP-related safety, clinical and medical data and build a strong framework to assess the quality and security of our systems. Professionally, you demonstrate exceptional competency in supporting internal audit and external inspections.

Your success requires a blend of specialized knowledge, practical experience, and strong organizational skills. You are self-motivated and have the ability to motivate your teammates to bring impact to business value streams. As a Specialist in IT Risk, Audit and Compliance, you foster a positive team culture and collaboration with peers, establish strong relationships and manage stakeholders across the globe. You are someone who can negotiate and influence at all levels.

Responsibilities:

  • Conduct internal review of IT systems and processes, ensure compliance with validation methodology, SDLC, security / privacy policies, and applicable regulatory requirements

  • Communicate the results of internal review to stakeholders (written reports / oral presentations). Establish and build working relationships with SME and stakeholders

  • Exhibit intellectual curiosity and sound judgment to influence and challenge SME

  • Foster innovation and simplification, seeking solutions to improve and simplify existing processes, and creating a culture that encourages creativity and continuous improvement

  • Conduct risk assessments to identify potential threats and vulnerabilities within the IT Systems and platforms

  • Audit and inspection Support: Provide support during internal audit or external inspections. Where applicable, collaborate and partner with applicable audit and inspection teams to resolve issues and facilitate efficient processes. Ensure comprehensive preparation, documentation readiness, and seamless execution of audit activities while maintaining compliance with GxP regulations

  • Support post-Inspection Activities. Compile audit/inspection findings and coordinate response development. Support CAPA (corrective and preventive action) planning, implementation and tracking.

  • Stakeholder management for business partners and subject matter / functional experts.

  • Participate in ongoing enhancement initiatives and continuous improvement assignments

The Ideal Candidate:

Has a diverse background, is adept at managing change during challenging periods, and excels at resolving issues and finding solutions. Wants to tackle the biggest healthcare challenges that face us globally in the 21st century. Excels at relationship building and networking. Has demonstrated the ability to navigate complexity, is pragmatic, sees the big picture, and can give examples of impact in a large global organization.

Qualifications:

  • Bachelor’s degree in Life Science, Informatics, Quality, or related field. A Master’s degree or post-graduate coursework is desirable.

  • 5+ years of related experience, domain knowledge of the pharmaceutical industry in Internal and External audit management / regulatory inspection

  • Knowledge of GxP regulations. Familiarity with industry regulations and governance such as: IT Computer Systems: FDA 21 CFR Part 11, HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), ISO/IEC 27001, NIST (National Institute of Standards and Technology), PCI DSS (Payment Card Industry Data Security Standard). Validation Methodology/SDLC: IEEE Standards, ISO/IEC 12207, GxP Guidelines, GAMP, EU Annex 11, ICH Guidelines, PIC/S.

  • Solid understanding of computerized validation processes and requirements for 3rd party software and service providers in the pharmaceutical industry

  • Experience leading cross-functional collaborative team environments, providing innovative solutions to complex business problems and making decisions with cross-functional impact

  • Effective influence skills to communicate internal review findings, both verbally and in writing

  • Strong communication skills: ability to efficiently communicate complex information, issues, and potential solutions.

  • Demonstrated ability to quickly learn business priorities in unfamiliar or ambiguous areas

  • Strong organizational and project management skills

  • Proven skills in relationship building, customer-focus, decision-making, and problem solving

  • Proven track record in adoption and use of innovative techniques

  • Ability to juggle multiple work efforts and to quickly change direction

  • Experience or understanding of Internal Control over Financial Reporting (ICFR) is a plus

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.


Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.
