Sr. Director GRC - Governance & Operational Excellence
Our new CDTO mandate is to elevate the GRC Tech function to lead across all Tech, providing active Governance, Risk Management and Compliance Management, setting modern strategies and policies, and building capabilities to enable Tech to accelerate our pivot to a more Business-focused, Digital-enabled and Cloud-first organization.
The Sr. Director, GRC shall provide thought leadership and shape the future and set the right risk tone & tolerance aligned to GSK enterprise risks and frame risk as both opportunities to exploit and risks to be mitigated.
The Sr. Director GRC will need to have equal and credible Leadership capability, standing shoulder to shoulder with GSK Tech LT members and their direct reports, Business partners in Quality management, GSK Legal & Compliance, Audit & Assurance, Finance Controller and GSK’s external auditor. Executive Leadership, Teamwork, Agility, and negotiating & influencing skills will be critical to transforming GRC and Tech and advancing GSK into a Digital Enterprise with the right risk framework, tolerance, and tone, managed effectively.
1) Global R&D Digital & Tech BU Business Partner – provide the leadership and management of GRC initiatives and be recognized as a critical leader to the R&D Tech Business Unit (BU) leadership and staff. Through a deep understanding of the various business strategies and needs, deliver GRC Services to enable the R&D Tech BU to achieve their goals. Provide expert consultation to the R&D Tech BU on best practices in the execution of ITMS, Smart Controls, and Software Development Methodologies.
2) Governance of Risk and Compliance – lead the R&D Tech BU Risk Management Compliance Board (RMCB). Ensure the R&D Tech BU RMCB is aligned to the Global Tech RMCB and operates effectively. Ensure priority actions, findings and Corrective and Preventive Actions (CAPAs) for the R&D Tech BU are managed with clear accountabilities and tracking.
3) Risk Management – aligned with Enterprise Risks and ROCC; identify, mitigate, and manage all critical and major risks across R&D Tech BU both strategic and operational. Provide Risk and Compliance Consultancy on strategic R&D programs.
4) Compliance – enable R&D Tech BU through clear and simplified policies and methods to ensure compliance with all world-wide internal & external regulatory, legal, and corporate policies. Responsible for oversight of all Privacy laws impacting R&D. Provide GRC support and oversight during application development and maintenance. Partner with Business Quality Assurance teams to ensure GxP compliance across all R&D related systems, platforms, and infrastructure.
5) Accountable for developing and managing GSK Global Digital & Tech Policies, SOPs, Standards - GRC is the owner and custodian of GSK Global Tech Policies, SOPs, standards, and controls (ITMS, et al). Partner with VP of GRC and peers to execute on authoring and publishing of new and modified Global Tech policies, SOPs, Standards and Risk Processes including incorporating all Security Policies and standards into Tech ITMS/Master Controls, then deploy, train and change manage across the R&D Tech BU.
6) Quality – Accountable for developing and integrating Quality by design into Tech ITMS and Ways of Working. Develop, publish, and promote Tech-wide Quality metrics, ensure process adherence and compliant state of operations.
7) Training & Awareness – Train the R&D Tech BU on all applicable external Regulation, SOX, GxP and Enterprise Policies and Risk. Build a culture within R&D Tech BU of continuous Learning and agile adoption of new SOPs and smart controls.
8) Digital & Cloud – build capability to pivot Tech ways of working, including risk oversight into a cloud-first, Digital ML/AI capable function, using data & analytics and automation to enable appropriate posture in an environment of agile ways of working. Ability to evaluate and recommend appropriate usage of modern digital tools.
9) Leadership – provide leadership and motivation to the team of GRC professionals to deliver work effectively across geographies, employees and service providers. Grow the next generation of GRC talent with appropriate succession planning and digital expertise. Develop strong relationships with the following internal and external organizations: Quality organization in R&D, Finance Controller for SOX, Corp Compliance & Legal and GSK Privacy Officer – be an active enterprise leader in all Quality / Compliance matters. Develop partnership and influence to drive reasonable findings and outcomes with the GSK external auditor.
MS Information Tech, MS Computer Science / Engineering or related field
This job requires a high degree of familiarity with Pharma Industry Regulation and modern Computer Science technologies (AI/ML, Cloud), and a deep understanding of Risk Analysis.
Minimum Level of Job-Related Experience Required
8-10 Years in Pharma / highly regulated Compliance / Risk Leadership
GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to positively impact the health of 2.5 billion people by the end of 2030.
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a workplace where everyone can feel a sense of belonging and thrive as set out in our Equal and Inclusive Treatment of Employees policy. We’re committed to being more proactive at all levels so that our workforce reflects the communities we work and hire in, and our GSK leadership reflects our GSK workforce.
GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance to all federal and state US Transparency requirements. For more information, please visit GSK’s Transparency Reporting site.