Global Technology Risk Manager - Digital & Information Management Office, Technology

Job Description Summary

The Global Risk Manager is the owner of the technology risk management process at Sandoz. The role is supporting the creation, lifecycle and retirement of Technology related risks. The Global Risk Manager maintains the Technology Risk management framework and its compliance with the Enterprise Risk Management standards. The person is also responsible for effective reporting and monitoring the technology risks to Sandoz Leadership.

Job Description

Major accountabilities: 

Framework Development and Governance

• Design and maintain the Technology Risk Management Framework.

• Chair monthly risk board meetings with domain representatives.

• Ensure alignment with organizational objectives, compliance standards, and industry best practices.

• Maintain Sandoz Technology Risk Management ITC reporting in line with leadership expectations.

• Prepare the agenda and provide full support for the Quarterly Risk Board, chaired by the Global Head of DIMO.

Risk Management

• Conduct Technology Risk Assessments and facilitate risk documentation with relevant stakeholders.

• Collaborate with stakeholders to develop actionable mitigation plans.

• Ensure proper assignment of risk and action plan ownership.

• Support teams in tailoring risk management methods to their operational context.

• Provide training, toolkits, and guidance to enable effective implementation.

Continuous Improvement

• Monitor the effectiveness of the risk management framework using KPIs and feedback mechanisms.

• Lead initiatives to refine and evolve practices based on emerging trends and organizational needs.

Stakeholder Engagement

• Collaborate with cross-functional teams including but not limited to all Technology domains and business units.

• Serve as a trusted advisor to senior leadership on risk-related matters.

• Establish and manage an effective collaboration between Enterprise Risk Management and the Technology Risk Management team

Education: 

• Bachelor’s or Master’s degree in Information Technology, Engi-neering, Business, or related field.

• Certification or accreditation in Informational Security or Risk Management is a plus

Languages: 

• Fluent in written and spoken English

Skills:

• Strong problem resolution skills

• Good presentation skills

• Comfortable navigating ambiguity and driving clarity in complex environments.

• An entrepreneurial mindset driven by curiosity, continuous improvement, and interest in technical advancements and trends

• Strong project management skills with the ability to multitask.

• Ability to work in a fast-paced, matrixed environment with global teams

• Able to drive C-level discussions and collaborate with different level of stakeholder’s maturity

Experience: 

• At least 7 years of experience in Risk/ Issue Management

• Knowledge and experience of industry standards such as  ISO 204001, CIS and others

• Experience with GxP Standards is a plus

• Experience with ITIL, Prince 2, PMP, Agile and other best practice methodologies and standards

• Experience in organizational change management and transformation is a plus  

Skills Desired

Communication Skills, Compliance Audits, Compliance Management, Compliance Risk Assessment, Compliance Training, Influencing Skills, Quality Assurance