Skip to main content

This job has expired

You will need to login before you can apply for a job.

Policy Exception and Audit Governance Specialist

Employer
Amgen
Location
Washington D.C., District of Columbia
Start date
Oct 15, 2024
View more categoriesView less categories
Discipline
Clinical, Clinical Medicine, Quality
Required Education
High School or equivalent
Position Type
Full time
Hotbed
Best Places to Work

Job Details

HOW MIGHT YOU DEFY IMAGINATION?

Youve worked hard to become the professional you are today and are now ready to take the next step in your career. How will you put your skills, experience and passion to work toward your goals? At Amgen, our shared missionto serve patientsdrives all that we do. It is key to our becoming one of the worlds leading biotechnology companies, reaching over 10 million patients worldwide. Come do your best work alongside other innovative, driven professionals in this meaningful role.

Policy Exception and Audit Governance Specialist

Live

What you will do

Lets do this. Lets change the world. In this vital role you will be a vital part of Amgens Cybersecurity & Digital Trusts (CDT) Governance, Risk and Compliance team. In this position you are responsible for implementing and maintaining audit, policy exception and security issue management processes to stabilize and enhance the performance of these services. This role includes hands-on activity to manage policy exceptions, track audit commitments, and manage security issues.

To be successful, you will require strong collaboration with control owners, service owners, engineers, and other Amgen internal partners such as Law, Compliance, Corporate Audit, Quality and Finance to maintain and enhance Amgens IS governance landscape. You will also develop and enforce SLAs (Service Level Agreements) to ensure consistent and reliable security service delivery.

The Specialist is expected to deliver services and solutions that support the mission, priorities, and objectives of Amgens Cybersecurity & Digital Trust (CDT) team. You will be responsible for:

Policy Exceptions

  • Stabilize and manage a process for handling policy exceptions, including the review, approval, and documentation of exceptions.

  • Create and document policy exception records in ServiceNow IRM.

  • Analyze policy exceptions to understand and mitigate potential impacts.

  • Track, monitor, and measure all policy exceptions to ensure they are revisited and reassessed regularly.

  • Work with stakeholders to communicate policy exception process, develop compensating controls for policy exceptions, and ensure timely closure.

  • Develop and implement processes for continuous monitoring and improvement of policy exception management.

  • Own and maintain process documentation (e.g. SOP, knowledge base articles) to deliver the service and help inform stakeholders

Audit

  • Coordinate and prepare documentation and evidence required for audits, ensuring timely and accurate responses to audit requests.

  • Support addressing audit findings and recommendations

  • Create and document corrective action records (Remediation Tasks) in ServiceNow IRM to facilitate resolution and improve security posture.

  • Track, monitor, and measure the progress of audit corrective actions to ensure they are completed as planned.

  • Develop and implement processes for continuous monitoring and improvement of audit commitment management.

  • Identify and implement KPIs

  • Own and maintain process documentation (e.g. SOP, knowledge base articles) to deliver the service and help inform stakeholders

Security Issue Management

  • Create and document Issue records in ServiceNow IRM to facilitate remediation and improve security posture.

  • Track, monitor, and manage security issues from observation to resolution.

  • Support control owners and service owners in determining underlying causes of security issues, identifying applicable control objective(s), and developing remediation approaches. Remediation Task records are recorded and tracked in ServiceNow IRM.

  • Coordinate with accountable owners to ensure timely resolution of Issues and Remediation Tasks.

  • Develop and implement processes for continuous monitoring and improvement of security issue management.

  • Ability to prioritize operational excellence of the service and supporting technology to deliver a safe, secure, reliable, compliant services and achieve operational objectives

  • Actively engage with management to stabilize services and gain stakeholder support to achieve operational objectives

Win

What we expect of you

We are all different, yet we all use our unique contributions to serve patients. The security professional we seek will have these qualifications.

Basic Qualifications:

Doctorate degree

OR

Masters degree and 2 years of Information Security experience

Or

Bachelors degree and 4 years of Information Security experience

Or

Associates degree and 8 years of Information Security experience

Or

High school diploma / GED and 10 years of Information Security experience

Preferred Qualifications:

  • ServiceNow IRM experience

  • Prior policy exception, audit, and service management experience

  • Attention to Detail: Ensure accuracy and thoroughness in policy exception and audit preparation.

  • Adaptability: Adjust to changing regulatory requirements and security threats.

  • Service Orientation: Focus on stabilizing and enhancing the quality of security services.

  • Collaboration: Work effectively with cross-functional teams, inform and educate stakeholders, and build strong relationships with stakeholders.

  • Ability to independently handle priorities and meet deadlines in a fast-paced, virtual team environment

  • Superb communication, organization, and planning skills

  • Technical curiosity with strong logical, problem solving, and decision-making skills

  • Driven and thorough with the ability to deal with complexity and ambiguity

  • Working experience in Agile / DevOps environment

  • Must be team-oriented, placing priority on the successful completion of team goals

  • Practical Knowledge of Information Security standards and frameworks such as ISO 27001/27002, NIST, and others

Preferred certifications:

  • CISM, CISA, CompTIA Security, CISSP, GIAC

Thrive

What you can expect of us

As we work to develop treatments that take care of others, we also work to care for our teammates professional and personal growth and well-being.

The expected annual salary range for this role in the U.S. (excluding Puerto Rico) is posted. Actual salary will vary based on several factors including but not limited to, relevant skills, experience, and qualifications.

Amgen offers a Total Rewards Plan comprising health and welfare plans for staff and eligible dependents, financial plans with opportunities to save towards retirement or other goals, work/life balance, and career development opportunities including:

  • Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts.

  • A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan

  • Stock-based long-term incentives

  • Award-winning time-off plans and bi-annual company-wide shutdowns

  • Flexible work models, including remote work arrangements, where possible

Apply now

for a career that defies imagination

Objects in your future are closer than they appear. Join us.

careers.amgen.com

Application deadline

Amgen does not have an application deadline for this position; we will continue accepting applications until we receive a sufficient number or select a candidate for the position.

Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Company

We are all different, yet we have this in common: our mission to serve patients. This sense of shared purpose is key to our becoming one of the world’s leading biotechnology companies. It guides us as we continue to launch new medicines and reach millions of patients worldwide.

We live the mission.

We win together.

We thrive on continual challenge.

Our team of 22,000+ scientists and professionals worldwide bring distinct perspectives and experiences to all we do. We leverage our global talent to achieve together—to research, manufacture and deliver ever-better products and greater depth to our mission.

At Amgen, there is a strong correlation between our high level of diversity and performance. Because addressing issues with a wider range of perspectives and approaches leads to more creative problem-solving. Together, we’re transforming the promise of science and biotechnology into therapies that have the power to restore health.

Connect with us to explore how you can Win, Live, and Thrive at Amgen.

Facebook  Social Icon - X Logo

Company info
Website
Phone
805-447-1000
Location
Corporate Headquarters
One Amgen Center Drive
Thousand Oaks
California
91320-1799
United States

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert