Security Solutions Architect (Mergers & Acquisitions)

Job Description Summary

Location: Prague, Czechia; Barcelona, Spain; Hyderabad, India

The Novartis Mergers and Acquisition IT (M&A) is in need for an experienced Functional Security Architect (FSA) to assist them in acquisition due diligence. This includes, but not limited to, network and application security reviews and security consultation of newly acquired companies as well as support of potential divestitures. M&A IT collaborates across scientific and business organizational boundaries, with a focus on maximizing the return of value for each acquisition while managing risk throughout the deal lifecycle. As a Functional Security Architect (FSA), you will support these strategic initiatives by providing subject matter expertise in the domain of end-to-end security architecture for typical enterprise services found across small, medium and large companies including startups.

The FSA will work with the M&A deal teams and technology peers to review, identify, report and eventually, ensure systems, applications, and networks of new company are compliant to security best practices and processes. FSA will also consult with new company’s IT staff, leadership and management, Novartis’ security standards and approved security patterns while providing ongoing security consultion and expertise. M&A FSA responsibilities will include support of the following activities:

a) Review current state of security controls and architecture for a variety of core IT network designs, applications, and solutions including, but not limited to, scientific platforms, master data management systems, clinical trial systems, regulatory reporting solutions, 3rd party IT suppliers, as well as business systems that support H/R, finance and operations, and other relevant business functions.
b) Review existing security processes along with operational changes, enhancements, and other releases related to production systems
c) Support and provide detailed recommendations (remediation plan) to new company’s leadership for remediation of identified security gaps and risks.
d) Articulate and present identified risks to Novartis security and compliance leadership

As part of daily activities, the FSA will ensure secure-by-design principles are being followed for applications and technical solutions that new company requires, to integrate into Novartis’ IT ecosystem by providing consultation and solution architecture recommendations.

The successful candidate will be a strong communicator with deep technical and security skills, especially pertaining to network security architecture, application security architecture, AWS and Azure Cloud architecture. The individual must be highly collaborative as they will need to work closely with application managers, platform engineers, 3rd party vendors, software developers and architects, apart from leadership.

 

Job Description

Your Responsibilities will include but not limited to:

• Advises peer architects and technologists about approved security patterns and practices

• Reviews, and challenges defined IT security related internal standards for the ongoing improvement of Novartis policies and procedures

• Acts as single point of contact, collaborating closely with other Security Architects and IT Architects on IT security related matters

• Promotes IT Security culture within the business and application management teams

• Defines pragmatic solutions and recommends alternatives that meet or exceed security requirements

• Reports on security status of various M&A projects 

• Builds external network and eminence regarding IT security relevant to the business function

• Performs risk/threat assessment of all IT project related to the function

• Where needed, manages pool of external security and solution architects assigned to portfolio

• Manages prioritization of security assessment for the function

What you will bring to the role:

• University working and thinking level, degree in business/technical/scientific area or comparable education/experience

• 7+ years’ work experience, 5 years within Information / Cyber Security / IT security expert

• Experience in mergers and acquisition IT area is preferable

• Expert knowledge of enterprise IT infrastructure technology, systems, vulnerability management, and change management processes, especially in large scale implementations

Desirable:

• Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred

• CSSLP, GSSP, ECCSP, CASS

• AWS and Azure Security Architect certifications

You’ll receive (Czechia only):

Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary; Risk Life Insurance (full cost covered by Novartis); 5-week holiday per year; (1 week above the Labour Law requirement) ; 4 paid sick days within one calendar year in case of absence due to sickness without a medical sickness report; Cafeteria employee benefit program – choice of benefits from Benefit Plus Cafeteria in the amount of 12,500 CZK per year; Meal vouchers in amount of 90 CZK for each working day (full tax covered by company); public transportation allowance; MultiSport Card. Find out more about Novartis Business Services: https://www.novartis.cz/

Why consider Novartis?

Our purpose is to reimagine medicine to improve and extend people’s lives and our vision is to become the most valued and trusted medicines company in the world. How can we

achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us! Learn more here:

https://www.novartis.com/about/strategy/people-and-cultureImagine what you could do here at Novartis!

Imagine what you could do here at Novartis!

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here:  https://talentnetwork.novartis.com/network

Accessibility and accommodation:

Novartis is committed to working with and providing reasonable accommodation to all individuals. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to receive more detailed information about the essential functions of a position, please send an e-mail to and let us know the nature of your request and your contact information. Please include the job requisition number in your message.

 

Skills Desired

Communication Skills, Compliance Audits, Compliance Management, Compliance Risk Assessment, Compliance Training, Influencing Skills, Quality Assurance