Are you looking for a patient-focused company that will inspire you and support your career? If so, be empowered to take charge of your future at Takeda. Join us as an IT Risk Manager in our Cambridge, MA office.
Here, everyone matters and you will be a vital contributor to our inspiring, bold mission. As an IT Risk Manager working in the Risk Management team, a typical day will include:
- Manage continuous identification of IT risks and the yearly summary within IT in alignment with ITLT members and other IT resources on key themes of technology disaster and recovery, supplier risks and other risks for IT
- Lead the classification of identified risks within the Takeda IT Risk and Control Framework.
- Facilitate activities with key stakeholders at all management levels to define appropriate and aligned remediation plans to address and solve risks in an efficient and cost-effective way.
- Monitor identified risks and actions, assess new global risks and manage monthly reporting to the ITLT.
- Conduct information security and data privacy 3rd party risk assessments, follow-up on remediation and work with legal to ensure proper security requirements are included in the vendor contracts
- Identifies risks in co-operation with GIT resources and ITLT members and manages additional assessments as needed.
- Analyze and evaluate identified risks based on an assessment methodology.
- Maintains a process, risk and control framework to improve the organization's risk profile by aligning with regulatory, leading practices and internal requirements.
- Effectively impact and create mediation plans on identified and agreed risks and support management on all levels in the IT organization in an efficient and cost effective way. Monitors the delivery of mediation plans.
- Coordinates and communicates IT risk-related activities among key stakeholders.
- Perform vendor security assessments. Activities include evaluating vendor controls and practices, developing process enhancement proposals, performing on-site assessments, reviewing security test reports, analyzing and developing security requirements, and monitoring vendor activities to address identified gaps.
- Ensures consistent and continual alignment to the business and IT strategy through its oversight of the IT Risk Management framework and processes.
- Defines targeted and quantifiable reporting of IT Risk Management activities, including all aspects of the metrics/reporting lifecycle management.
- Monitors key risk indicators (KRIs) and key performance indicators (KPIs)
- Integrates and coordinates risk intelligence artefacts to gain efficiencies and reduce redundancy
- Provides targeted reporting to all levels of IT, especially to the ITLT and Business management, on a regular and structured basis.
- Executes, maintains, oversees technology or GRC (governance, risk and compliance) tools
- Collaborates with all technology groups, lines of business, and corporate functional areas to define, gather and analyze metrics.
COMPETENCIES, EDUCATION AND SKILLS
- Bachelor's degree or equivalent
- 5 years or more of relevant experience.
- is preferred
- Experienced in performing IT security risk assessments and experience in Information Security
- Demonstrated experience and understanding of security principles, IT security controls, and related technologies and products
- Prior experience in conducting Information Security risk assessments and 3rd party security and data privacy assessments
- Strong verbal/written communication, with ability to effectively interact with professionals at all levels of responsibility and authority;
- Able to prioritize, delegate, and foster the development of high-performance teams to lead/support an environment driven by customer service and teamwork
- Work with virtual teams located in different countries around the world, aligning and adapting different work, culture and communication styles.
- CISSP certification
- Project management experience
- Experience within the pharmaceutical industry