
Job Openings

Senior IT Quality Compliance Manager

Conshohocken, PA 19428

Posted: 01/09/2023
Employment Type: Direct Hire/Perm
Job Category: Technology
Job Number: 530933
Pay Rate: 155,000
Is job remote?: No
Country: United States

Job Description

The Role:

The IT compliance Manager's role is to assess and oversee all technology-related compliance issues across the organization including GxP compliance, information security, privacy and operational support processes including but not limited to IT Change Management, business continuity, identity management, user access and data integrity. This includes providing objective risk assessments of the company's compliance with regulatory, organizational and commercial requirements governing the organization's information technology systems. In addition, GDPR activities such as Breaches, SARs, DPIAs and the Sarbanes Oxley (SOX) requirements for Information Technology General Controls (ITGCs) are also the responsibility of the IT Compliance Manager.

The IT compliance manager will also be engaged in updates to policies, procedures and controls to ensure that the organization's practices remain observant to all pertinent local, state/province/county/federal/national laws and industry standards. The IT compliance manager will work with the Director, IT Compliance to ensure organizational alignment with non-IT functions such as Legal, Procurement and Quality Assurance.


Regulatory Compliance Activities
  • Accountable for Computer Systems Validation process and documentation to ensure compliance with regulatory frameworks throughout the IT asset lifecycle for regulated systems.
  • Oversee the monitoring and periodic review of systems to ensure continuous compliance.
  • Conduct necessary IT compliance control monitoring and testing activities to determine the effectiveness of the controls.
  • Remediate IT compliance control deficiencies.
  • Investigation and documentation of any incidents, breaches or unlawful activity related to IT compliance, such as the intentional release of privileged information or a related security breach.
  • Actively support upkeep and maintenance of IT compliance policies, based on any relevant regulatory changes or new laws.
  • Partner closely with Quality Assurance function to identify all IT compliance requirements (i.e. security, user access, privacy, data integrity, etc.) associated with the laws and regulations within all relevant jurisdictions.

GDPR and Privacy Activities
  • Guide third-party stakeholders (including business partners, suppliers, service providers and IT product vendors) to ensure that they clearly understand and comply with company privacy requirements.
  • Support GDPR requirements for DPIA, SARs, Breaches and Article 30.

General Compliance Activities
  • Manage and update the Enterprise Risk Management log, addressing risks by initiating and overseeing appropriate mitigation projects. Experience with managing issues, incidents, CAPAs and deviations.
  • Report the levels of IT compliance risk and control effectiveness to key stakeholders such as IT-business unit management, senior management, board of directors, legal management, regulators, internal/external auditors, etc.
  • Lead the enterprise's response to privacy-related emergencies and other potentially damaging events.
  • Create an IT compliance training and awareness program that periodically educates the requisite end-user community on the relevant IT compliance requirements and certifies their adherence to the relevant IT compliance controls.
  • Monitoring of ITGCs compliance for SOX requirements.
  • Reporting of ITGCs compliance for SOX.
  • Supporting internal and external SOX audits.

Commercial Compliance Activities
  • Ensure IT compliance and data protection requirements are effectively represented in contracts for IT products and services.
  • Ability to review and assess adequacy of suppliers based on industry standard certification or report from IT suppliers in line with the company QMS (e.g., ISO 27001, Service Organization Control Reports, PCI DSS, GDPR, GxP, EMA Annex 11, MHRA GCP, HIPAA, SOX, etc.).

Organizational Compliance Activities
  • Identify any gaps between the desired level of compliance and the current level of maturity.
  • Implement the required IT compliance policies and controls to meet the desired level of compliance maturity reflected in each standard or framework.
  • Participate in and contribute to wider organizational initiatives focussed on improvement of compliance standards and practices as well as to promote awareness and education.


  • Minimum 5 years' experience working in the life sciences / pharmaceutical industry.
  • Direct experience with Health authority audits against IT controls in the life sciences / pharmaceutical industry.
  • Significant and demonstrable experience in: Annex 11; FDA 21 CFR Part 11; GxP / GAMP 5.
  • Demonstrable experience in development of processes and procedures (SOPs).
  • Must possess the ability to make quick decisions needed to thrive in a challenging and fast-paced environment.
  • Demonstrably effective at handling multiple simultaneous tasks, with associated & changing deadlines.
  • Must be able to communicate clearly and effectively to achieve desired outcomes.
  • Demonstrable ability to build trusted working relationships with colleagues and stakeholders across various organizational functions.
  • Ability to set and manage priorities judiciously.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Exceptionally self-motivated, directed and detail-oriented.
  • At critical project times the role holder may be required to work irregular hours or out of hours depending on the agreed project schedule and deliverables.
  • The role will be required to travel nationally and internationally on an irregular basis.

  • Membership of appropriate industry bodies supporting IT compliance and validation in the life sciences / pharmaceutical industry.
  • Certification in national, state or provincial information technology laws and regulations, such as GDPR; HIPAA; SOX; RIPA; CAN-SPAM; HTA; ISO 27000.
  • Excellent knowledge of technology environments, including information security, encryption methods and privacy-based solutions.
  • Knowledge of project and program management, business case development, budgeting and financials.
  • Demonstrated understanding of data processing, hardware platforms, enterprise software applications and outsourced systems, including: supply chain planning & visibility; data warehousing / business intelligence; and regular IT operations.
  • Understanding of computer systems and integration capabilities.

  • Undergraduate degree in computer science, business administration; graduate degree in one of these fields or strong employment-based experience.
  • Industry-related compliance, information security or business continuity management certification or previous employment-based experience preferred.
  • Life sciences quality-related certification/qualification from ISPE, ASQ or other.
  • Exposure to or awareness of quality management processes such as ISO 9001 and ISO 27001.
  • Systems and/or auditing-related certifications or qualifications such as IAA or ISACA.

Lead with Science and Discover What is Within:
  • We value Entrepreneurship and Diversity
  • Respect, Trust, and Integrity
  • Competitive compensation
  • Medical benefits, beginning your first day of employment
  • Vision benefits
  • Fully paid Dental Insurance
  • 20 days’ vacation plus holidays
  • Fully paid Life Insurance and Disability
  • 401(k) with Company Match

Pay ranges between $100k-150k **salary will be commensurate with experience**

Although this hasn't been an issue at The Planet Group, the staffing industry has seen an increase in people falsely representing themselves as recruiters to gather personal information from job seekers. For your safety, do not provide sensitive data to anyone you have not spoken with thoroughly and never provide banking information during the application process. Candidate safety is a top priority at The Planet Group.
