Position Summary
The Senior IT Security, Risk & Compliance Analyst supports IT compliance, risk management, and computer systems validation in a regulated life sciences environment, ensuring IT systems and processes meet applicable regulatory, security, and corporate governance requirements.
Responsibilities
- Advise project teams on validation scope, risk, and validation strategies
- Maintain and manage the status of validated applications for ongoing compliance
- Perform audit readiness assessments and support internal/external audits
- Gather system/project requirements with business users and technical teams
- Coordinate/support IT change management to ensure compliance with validation and regulatory requirements
- Review system changes and provide compliance assessments with audit-ready documentation and closure summaries
- Investigate systems issues/deviations/failures; perform root cause analysis; support non-conformances and CAPAs
- Support development and execution of computer systems validation activities
- Ensure IT systems and processes comply with regulations and internal policies
- Identify compliance risks and recommend mitigation strategies
- Collaborate with IT, Quality, and business stakeholders for compliant implementation and operations
- Contribute to continuous improvement of compliance, validation, and risk management processes
Qualifications
- Bachelorโs degree (Masterโs preferred); 8+ years Computer Systems Validation or related experience in life sciences/health sciences
- Strong oral and written communication to advise stakeholders on regulatory compliance
- Strong organizational skills; ability to manage multiple validation projects
- Experience collaborating cross-functionally on validation strategy
- Experience validating enterprise applications and with test management tools
- Ability to articulate risk-based validation strategy
- Working knowledge of 21 CFR Part 11 and other applicable GxP regulations
- Experience with software development lifecycle activities, methodologies, testing, and validation
- Experience with IT infrastructure/applications (e.g., virtualization, directory services, storage, DBMS)