AMAG is a biopharmaceutical company focused on bringing therapeutics to market that provide clear benefits and help improve people’s lives. Our employees work to develop and deliver important therapeutics, conduct clinical research in areas of unmet need and create education and support programs for the patients and families we serve. AMAG's products support the health ofpatients in the areas of maternal and women's health, anemia management and cancer supportive care. Through CBR®, we also help families to preserve newborn stem cells, which are used today in transplant medicine for certain cancers and blood, immune and metabolic disorders, and have the potential to play a valuable role in the ongoing development of regenerative medicine.
AMAG's core values -- accountable, collaborative, transparent, sense of urgency, and results focused -- provide an important framework for who we are and how we operate. Our values are also foundational to the way we do business and are key to how we execute on our five year strategic plan 2015-2020: Growing, Building, Together. We take a patient-centric approach to continuing to grow our current products through meaningful investment in research to expand the utility of these products and a strong commitment to patients and support programs.
In addition, we seek to build our product portfolio with additional therapeutics that could benefit from our business and clinical expertise. The successful execution of our strategy hinges on a talented and motivated team of employees who worktogether to make our plans a reality. Every day, the people at AMAG aim higher, devoting our passion and perseverance to finding new and better ways to support the health of patients and families.
The Senior Manager of Technology Compliance, serves as the technological thought leader for ensuring AMAG physical and digital information assets and technologies meet or exceed required compliance frameworks. The position will focus on customercentricity and business processes to establish a robust compliance framework. This role will aim to optimize sourcing solutions tosimplify the compliance landscape in support of AMAG Technology’s core capabilities - business partnering, architecture & platforms, solution delivery and operations.
Duties & Responsibilities:
- Keep AMAG interest and strategic goals first and foremost while ensuring that international, national and local information security, quality and privacy regulations are being adhered to associated with PCI DSS, Sarbanes-Oxley, 21CFR11, MA 201, California Privacy Laws, and other standards as necessary by leading audit and compliance planning and activities onbehalf of the AMAG Technology organization through various methods including but not limited to -
- Creating cross-domain compliance program focusing on: policy development, aggregation and normalization, control monitoring, workflow management, and case management
- Taking the lead in all AMAG Technology internal and external (ex. vendor) audit activities
- Standardize and automate compliance activities to increase efficiency and effectiveness of compliance managementprograms and eliminate non-value added steps
- Lead efforts to ensure AMAG Technology associates and stakeholders including third-party suppliers and their employeesare aware of compliance obligations and how to support compliant behavior and uses of technology; and participates in wider AMAG compliance awareness and training efforts
- Identify and plan compliance initiatives for data, software, hardware, telecommunications, and computer systems
- Determine methods of implementing and enforcing compliance policies as well as actively monitoring and testing processes and procedures
- Ensure compliance elements are measured, monitored, communicated and corrected as appropriate
- Participate in corporate-wide risk and compliance related communities
- Bachelor’s degree in computer science, IT, business, law or related disciplines required
- 10+ years in a corporate environment
- 5+ years of demonstrated experience in compliance management
- Ability to lead collaborative authorship of policies, procedures, and other compliance documents, working closely and simultaneously with multiple compliance organizations
- Working knowledge of the methods, standards and guidelines of enterprise level compliance and risk management.
- ITIL, CIPP, CISA, CGEIT or similar certification desirable
- Familiarity of security standards, assessments and risk frameworks such as ISO/IEC 27001/2, NIST Cloud Security Alliance (CSA), 21CFR11, PCI DSS, COBIT\SOX, CIS Benchmarks etc
- Experience designing and implementing compliance policies for infrastructure in a multi-tenant cloud computing or datacenter environment
- Expert executive presentation and communication skills
- Strong attention to detail, influencing and problem resolution skills