Senior Analyst, Governance, Risk & Compliance
BeiGene
Guangzhou Commercia
6d ago

BeiGene continues to grow at a rapid pace with challenging and exciting opportunities for experienced professionals. When considering candidates, we look for scientific and business professionals who are highly motivated, collaborative, and most importantly, share our passionate interest in fighting cancer.

Job Description :

BeiGene is seeking an experienced GRC Program (Senior) Analyst to join our growing information security function, who has GRC responsibilities from a technology and security perspective across the organization.

Working closely with the IT Senior Manager of GRC, this position will be responsible for conducting and enhancing the GRC effort to raise the overall security and compliance posture for BeiGene.

This position will also be directly responsible for implementing, maintaining and improving policies, procedures and internal controls to assure compliance with applicable regulatory and legal requirements as well as best practices.

The GRC (senior) analyst will conduct risk analysis for internal and external third-party risk assessments based on controls and implementing industry best practice processes utilized across the organization.

The role will work across multiple frameworks and regulatory standards including, but not limited to, NIST CSF, ISO, GDPR, SOX, CSL / MLPS 2.0, etc.

This position will liaise with business groups including but not limited to Finance, Legal, Compliance, Quality and other stakeholders to implement new solutions and processes as well as document and remediate outstanding issues.

This role will also have responsibility for the implementation of a GRC system that will be used to further the automation of the program.

Qualification Required :

Essential Functions of the job :

  • Responsible for conducting internal IT, Cybersecurity, and third-party information security risk management activities for various information services systems and processes including IT SOX compliance.
  • Responsible for implementation of controls within the GRC program, monitoring, remediation, and reporting of controls gaps in the IT and Cybersecurity program areas.
  • Provide management level status update and risk profile dashboards including current and desired future state of control maturity.

  • Articulate risks identified from various sources (IT service providers, third parties, risk assessments, vulnerability scans and pen tests) in terms of business impact, and keep the risk register up to date with all new risk information and changes.
  • Assess, report and mature the compliance posture for internal policies and guidelines as well as regulatory requirements based on frameworks including NIST CSF, ISO, GDPR, SOX, CSL / MLPS 2.0, etc.
  • Maintain, improve, and enforce BeiGene security policies and IT security standards along with security exception processes.
  • Effectively engage IT, stakeholders, business partners, and vendors to maintain an understanding of current risks, new systems, and changes to the environment, and to agree a mitigation plan, a remediation strategy and appropriate timelines for any issues found.

  • Conduct and support BeiGene vendor security assessments.
  • Support regulatory compliance audits relating to SOX and GxP.
  • Assist and support the Senior Manager of GRC by bolstering detailed business and technical coordination in critical projects.