BeOne Medicines
BIOTECHNOLOGY
Small Molecules, Monoclonal Antibodies
LocationCA - San Carlos
Employees12,000
Open Jobs256
Pipeline
ZanubrutinibN/A
ZanubrutinibN/A
BG-71332PHASE_1
BGB-11417PHASE_1
Senior GTS GRC Analyst, Europe
BeOne Medicines
This listing was originally posted on BeOne Medicines's careers page. Formulate is an equal opportunity job aggregator and is not involved in the hiring process. Where salary information is estimated, it is derived from BLS industry benchmarks and may differ from actual compensation.
Upgrade to Pro to access the AI-generated 'Read before applying' briefing and other premium pharma intelligence.
Upgrade to Pro — $25/moBeOne continues to grow at a rapid pace with challenging and exciting opportunities for experienced professionals. When considering candidates, we look for scientific and business professionals who are highly motivated, collaborative, and most importantly, share our passionate interest in fighting cancer.
BeOne is seeking a Senior Analyst of GTS (Global Technology Solutions) GRC (Governance, Risk and Compliance) to help build, enable and transform its risk management, compliance and security capabilities and resources in the European region. The GTS GRC Senior Analyst supports the Europe GTS GRC Senior Manager from a technology and security perspective across the organization. This position will be responsible for building and enhancing the GRC portfolio of efforts to raise the overall security and compliance posture for BeOne. This position will also be involved in implementing, maintaining and improving policies, procedures and internal controls to ensure compliance with applicable regulatory and legal requirements as well as best practices.
The GTS GRC Senior Analyst will drive risk analysis for internal and external third-party risk assessments by designing controls and implementing industry best practice processes for teams and technologies utilized across the organization. The role will work across multiple frameworks and regulatory standards including, but not limited to SOX, GxP, ISO, NIST CSF, GDPR, NIS 2, AI and other EU oriented data security & privacy laws and regulations. This position will liaise with all business groups including but not limited to Finance, Legal, Compliance, Clinical, Quality and other stakeholders in Europe region to implement new solutions and processes as well as document and remediate outstanding issues.
Essential Functions of the job:
Conduct internal IT, Cybersecurity, and third-party information security risk management activities for various information services systems and processes including IT SOX and GxP compliance.
Support efforts including but not limited to: Policy Management, IT Compliance Management, Training & Awareness Management, SDLC, IT Risk Management and Vendor Security Risk Management.
Support external and internal audits.
Implement controls to build and enhance the GRC program.
Monitor, remediate, and report controls gaps in the IT and Cybersecurity program areas. Provide management level status update and risk profile dashboards including current and desired future state of control maturity.
Collaborate with IT and business stakeholders to understand risks to critical infrastructure by defining potential business impacts.
Assess, report and mature the compliance posture for internal policies and guidelines as well as regulatory requirements based on frameworks including ISO, NIST CSF, GDPR, NIS 2, AI and other EU oriented data security & privacy laws and regulations.
Maintain, improve, and enforce BeiGene security policies and IT security standards along with security exception processes.
Effectively engage IT, stakeholders, business partners, and vendors to maintain an understanding of current risks, new systems, and changes to the environment.
Qualifications:
4+ years experience of GRC implementation, processes, and practices
Experience working with and implementing GRC tools and processes.
Experience building and developing successful risk management programs.
Experience with vendor management and conducting third-party risk assessments.
Experience creating and maintaining security policy, standard, guideline and procedure documents
Knowledge and experience in security and compliance frameworks such as NIST, ISO, etc.
Preferred:
Experience using OneTrust.
Experience leading regulatory compliance, such as GxP, SOX
Experience in facilitating and performing third-party vendor risk assessments with the ability to provide guidance on secure design and operation.
Advanced understanding of information security concepts including: cloud security and compliance, encryption, access controls, intrusion detection and prevention, disaster recovery, network security, security operations, security architect.
Experience working in a global enterprise environment.
Relevant and current industry certification(s): CRISC, CISSP, CISM, CISA
Supervisory Responsibilities:
Oversees and manages the assigned projects and controls
Salary Range Poland: 200,000.00 PLN - 250,000.00 PLN
Global Competencies
When we exhibit our values of Patients First, Driving Excellence, Bold Ingenuity, and Collaborative Spirit, through our twelve global competencies below, we help get more affordable medicines to more patients around the world.
We are proud to be an equal opportunity employer. BeOne does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.
Explore related positions you might be interested in
We'll notify you when matching roles are posted.
Interviewed at BeOne Medicines?
Help others prepare — share your experience anonymously.
BIOTECHNOLOGY
Small Molecules, Monoclonal Antibodies
Upgrade to Pro to access salary benchmarks and market rate data and other premium pharma intelligence.
Upgrade to Pro — $25/moUpgrade to Pro to access AI interview prep brief and other premium pharma intelligence.
Upgrade to Pro — $25/mo