Thermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with revenues of more than $20 billion and approximately 65,000 employees globally. Our mission is to enable our customers to make the world healthier, cleaner and safer. We help our customers accelerate life sciences research, solve complex analytical challenges, improve patient diagnostics, deliver medicines to market and increase laboratory productivity. Through our premier brands - Thermo Scientific, Applied Biosystems, Invitrogen, Fisher Scientific and Unity Lab Services - we offer an unmatched combination of innovative technologies, purchasing convenience and comprehensive services.
This role is part of the Corporate Information Security (CIS) Policy and Compliance team that is tasked with monitoring and implementing controls to aid in IT and security compliance across the organization. This position will help influence development and execution of policies, directives, standards, and procedures in support of corporate and regulatory compliance. The position will be responsible for assisting with the overall program strategy, identifying and developing standards and regulatory approaches to aid in organizational compliance, and maintaining the compliance of the organization by monitoring the changes to standards and regulations as they occur and integrating those changes into the policy lifecycle through the performance of periodic gap assessments.
· Assist in the policy lifecycle by monitoring of changes to the standards and regulatory landscape as it pertains the to the organization.
· Act as a subject matter expert (SME) for all compliance regulations that apply to Thermo Fisher Scientific as well as actively monitor for new/emerging regulatory requirements on a regular basis
· Drive communication and implementation of compliance regulations as well as IT and security standards across the organization.
· Work closely with legal to ensure that proper security controls are in place to protect sensitive data of our company, employees, and customers within the law and regulations around the world.
· Partner effectively with the security awareness program to communicate to the workforce any applicable standards, regulations, policies, procedures, and programs.
· Partner with internal teams to ensure sensitive data has been identified and that the standards and regulations in place for the organization adequately meet the needs and goals of CIS and Thermo Fisher Scientific.
· Collaborate with other departments outside of IT (e.g., Risk Management, Internal Audit, HR, Legal, etc.) to direct policy and regulatory issues to appropriate channels for investigation and resolution.
· Consult with corporate counsel as needed to resolve legal issues related to regulations and standards.
· Provide training and awareness on IT and security compliance regulations and standards across the organization.
· Perform other duties as assigned.
·2- 5+ years’ experience in information technology, compliance, legal, data protection/privacy, and/or information security.
· Knowledge of risk analysis and information security
· Knowledge of data privacy and security requirements under EU Data Protection Directive, PCI, GLB, HIPAA, FDA and other relevant legislation when appropriate for business. (Canada Personal Information Act, etc.)
· Bachelor’s Degree in Law, Information Security, Cybersecurity, Information Assurance, Risk Management, or equivalent work experience.
· Ability to develop metrics and provide analysis to measure effectiveness of programs
· Excellent writing skills, with experience as a writer, technical editor, or communications specialist a plus
· Strong interpersonal, organizational, and excellent documentation skills are a must
· Excellent customer service skills required
Non-Negotiable Hiring Criteria:
• Strong attention to detail, organizational skills, time management
• Excellent verbal and written communication skills
• The ability to interact professionally with a diverse group: executives, managers, and subject matter experts
• The ability to take direction and independently work through projects as required.