Job Title - Sr. Risk and Compliance Analyst
Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!
Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com .
This position is based in Bengaluru and will require some on-site work.
Purpose and Scope:
This generalist role will collaborate closely with partners in DigitalX, TechnologyX, Ethics and Compliance and the business to ensure compliance with policies, data governance and regulatory requirements.
Essential Job Responsibilities:
Assists in the identification, analysis, resolution and monitoring of compliance issues.
Reviews and approves change tickets for infrastructure compliance
Identifies and reports findings, trends, problems, and activities that may indicate a need for change in policies, procedures, internal controls, or training.
Performs information security risk assessments on third party vendors and external business partners in coordination with Third Party Risk Program
Reviews and manages policy exceptions through the process
Tracks and monitors risk remediation action plans
Interpret and analyze third party security risk assessment results, report findings to business owners, and provide recommendations for remediation.
Work with business owners to coordinate and oversee the management of issues stemming from third party security risk assessments.
Collaborate with internal partners to document risks, issues and mitigation plans.
Supports data security program.
Other projects as assigned.
Qualifications Required
Bachelor's degree
3+ years of IT, Security, or GRC experience in a position related to this role (e.g., information security, compliance, audit, risk, etc.)
1+ year of experience performing security risk assessments (including AI components a plus)
Knowledge and understanding of information security best practices
Experience with regulatory compliance and/or information security management frameworks
Familiarity of domestic and global regulations related to data privacy and security
Familiarity of the data management aspects of the product development life cycle, architecture, data handling and asset classification
Strong investigative, analytical, and problem-solving skills
Organized self-starter; versatile and capable of working with minimal management oversight.
Preferred
Relevant certifications such as Certified Information Systems Auditor (CISA)
Knowledge of GRC tools and solutions.
One Trust experience a plus
Working Environment
- At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.
Category TechX
Astellas is committed to equality of opportunity in all aspects of employment.
EOE including Disability/Protected Veterans