Job Summary & Responsibilities
The IT Compliance Manager is responsible for all aspects of IT compliance, testing, and system/software changes. The primary responsibilities include Governance, Risk, and Compliance management of the IT operations that address Internal Control over Sarbanes-Oxley, as well as managing IT’s Computer System Validation Programs.
The ideal candidate will have in-depth knowledge of and experience with GxP, SOX, ITGC, HIPAA, 21 CFR Part 11, and ITIL frameworks as related to IT delivery services. The individual must possess documented and referenceable experience with IT delivery services, process improvements, and assessment of the IT control environment. The individual will be responsible for internal and external coordination with IT and audit resources. This individual will also manage Nevro’s Change Management Process (CMP) and Change Advisory Board (CAB), and develop a testing strategy across IT applications.
This role is required to coordinate with the appropriate groups (executive management, internal audit, external audit, etc.) to keep abreast of regulatory changes and industry standards. The role includes team management, including direct reports and consultants.
- Develops and implements monitoring processes to ensure that information systems are implemented and maintained according to corporate policies and regulatory requirements including 21 CFR Part 11, Data Integrity, Data Privacy, and Sarbanes-Oxley (SOX).
- Develops and implements a consistent testing strategy to be used across IT applications.
- Maintains and improves an IT Change Management Framework by identifying and executing improvements to current change management policies and processes. Maintains the validated state of systems during operational use.
- Maintains IT’s Computer Validation System (CVS) SOP. Leads validation efforts related to new and existing applications by working in partnership with key stakeholders in the company that include Quality, Validation, Legal, Finance, and HR.
- Works with the company's internal and external auditors to ensure continued compliance with regulatory (SOX, GxP, HIPAA, 21 CFR Part 11, etc.) requirements and internal control standards, serving as the central point of data gathering.
- Manages/coordinates validation project activities through all phases of projects. Develops validation documents such as plans and summary reports in alignment with internal procedures. Oversees internal and external team members in the execution of validation activities.
- Drafts/updates IT SOPs and ensures adherence to the organization's SOPs, IT Controls framework and System Development Life Cycle (SDLC), ensuring current projects meet business and regulatory requirements.
- Manages direct employees and consultants.
- Other duties as assigned.
Skills and Knowledge
- Bachelor's degree in Computer Science, Engineering or a related field with a minimum of 8+ years of experience in IT Quality and Compliance.
- Experience with Software Development Life Cycle (SDLC) or relevant framework.
- In-depth knowledge and understanding of 21 CFR Part 11, GxP Validated Systems, Good Manufacturing Practices, and IT Sarbanes-Oxley Regulations.
- Experience working in an FDA regulated environment (GxP).
- Excellent verbal, written communication, and presentation skills.
- Knowledge of commonly used concepts, practices, and procedures within the IT field.
- Experience supporting manufacturing systems validation, including MES, ERP.
- Ability to work independently as well as be a good team player, and to manage direct reports and consultants.