Senior Manager IT Compliance

About the Role

We are seeking an experienced Senior Manager IT Compliance to oversee and ensure the integrity and compliance of our IT systems, particularly in the areas of IT General Controls (ITGCs) for SAP and finance systems. In this role, you will work closely with various teams, including Corporate Audit and IT Risk Management, to identify, assess, and mitigate IT-related compliance risks. Validation and IT Quality will be crucial stakeholders to ensure alignment of ITGC framework with GxP lifecycle management requirements of computerized systems. This role requires a thorough understanding of regulatory requirements and the ability to implement controls that safeguard both the organization and its systems from compliance risks.

Key Responsibilities

IT General Controls (ITGCs) for SAP and non-SAP finance-related Systems

• Support in the design, implementation, and monitoring of IT general controls for SAP and non-SAP finance-related systems to ensure adherence to internal and external compliance standards.
• Ensure that all controls for financial data processing, reporting, and access are functioning effectively and in line with relevant regulations and collaborate with the finance team to ensure alignment between financial reporting and ITGCs.

IT General Controls for GxP Systems

• Oversee IT general controls for GxP-regulated systems to maintain compliance with applicable regulatory standards (e.g., FDA, GMP, GxP guidelines).
• Partner with stakeholders in IT and Internal Control departments to define synergies in ITGCs definition for all systems, including GxP.
• Evaluate SOC reports of partners providing IT services to ensure compliance with internally defined standards.

Collaboration with Corporate Audit

• Work with the Corporate Audit function to assess and analyze IT findings from internal and external audits.
• Assist in the identification of IT-related audit issues and provide input on corrective action plans.
• Support audit efforts by providing documentation, evidence, and explanations related to IT compliance activities.

Collaboration with IT Risk Management

• Partner with the IT Risk Management team to identify and assess IT compliance and security risks.
• Provide recommendations and support for the development and implementation of risk mitigation strategies and controls.
• Assist in the preparation of risk assessments and ensure that appropriate ITGCs are in place to manage identified risks.

Regulatory Compliance and Continuous Improvement

• Continuously assess the effectiveness of existing compliance controls, recommend improvements to enhance security and efficiency.
• Keep your knowledge up to date and assist in the preparation for and coordination of regulatory inspections or audits.

AI Compliance

• Stay updated on evolving regulatory requirements for AI in GxP, finance, and other regulated environments.
• Work closely with internal AI Center of Excellence and cross-functional teams to align AI initiatives with compliance requirements and ensure compliance of AI systems and applications with internal and external governance frameworks.
• Promote AI Compliance Awareness: Develop and deliver training on AI compliance requirements, risks, and best practices. Foster a culture of responsible AI use and compliance across the organization, ensuring teams understand the implications of AI in their workflows.

Training and Awareness

• Develop and deliver training materials to ensure business units are educated about IT compliance requirements, policies, and controls.
• Promote a culture of compliance awareness across the organization.

Documentation and Reporting

• Maintain comprehensive documentation of all IT compliance activities, including risk assessments, control testing, and audit findings.
• Prepare periodic compliance reports for senior management, outlining key issues, risks, and status of mitigation actions.

Qualifications

Education

• Master's degree in Information Technology, Computer Science, Business Administration, or related field.
• A relevant compliance certification (e.g., CISA, CISM, CISSP) is of advantage.

Experience

• Minimum of 5 years of experience in IT compliance, IT audit, or risk management, with a focus on SAP, finance systems; experience with GxP systems of advantage.
• Experience working with audit functions and cross-functional teams to identify and resolve IT compliance issues.
• Experience with AI governance, validation, and risk management in regulated industries.
• Solid understanding of IT risk management practices, controls, and frameworks (e.g., COSO, COBIT).

Skills

• Strong analytical skills with the ability to assess complex IT and business processes for compliance risks.
• Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Detail-oriented with strong organizational and documentation skills.

Preferred Qualifications

• Knowledge of SAP GRC (Governance, Risk, and Compliance) or similar compliance management tools.
• Experience in life sciences or pharmaceutical industries with a focus on GxP-compliant systems.

Why Join Our Team?

At Fresenius Kabi, compliance and quality are the foundation of our mission to improve patient care worldwide. In this role, you will have a direct impact on the security and reliability of critical IT systems that support our global operations. You will work closely with international teams and contribute to the continuous development of a strong, future-oriented compliance landscape.

Key skills/competency

• IT Compliance
• IT Audit
• Risk Management
• SAP Systems
• GxP Regulations
• IT General Controls (ITGCs)
• Regulatory Compliance
• AI Governance
• COSO Framework
• COBIT Framework