Merck IT Human Health Risk Liaison in West Point, Pennsylvania

IT Risk Management & Security (ITRMS) GHH Risk Liaison– Analyst/Specialist

The GHH IT Risk Management & Compliance Risk Liaison/Specialist is responsible for analyzing risk and verifying & validating software and business effectiveness to ensure processes and people are compliant with internal policies and standards and external regulations and applicable laws. The position requires strong compliance & risk management skills as well as excellent communication and collaboration skills required to partner with all levels of Merck’s business and IT staff. The analyst will plan and execute risk-based strategies and initiatives on time for the goal of improving Merck’s risk and compliance posture and reducing Merck’s compliance & cybersecurity risk.

The Risk Liaison will execute work in alignment with Merck business & IT goals and initiatives:

  • Serve as an ITRMS liaison resource for Global Human Health to respond to questions and requests for assistance and guidance and assess compliance, quality and cyber security risk within the division and recommend ideas to mitigate and reduce risks, while improving compliance & quality management.

  • Collaborate and partner with GHH Risk Liaison director and GHH Risk Liaisons, application teams, risk and security control teams, GTO, other divisional Risk Liaisons, and business stakeholders at various levels in order to ensure critical compliance and cyber security controls are implemented on Merck’s most critical applications.

  • Responsible for on-going governance and maintenance of internal compliance, risk & quality management procedures & standards and critical control metrics. This is inclusive of ongoing maintenance of risk triage process updates and metrics for the risk profile and critical applications list.

  • Provide education, guidance, consultative support in order to respond to all risk & compliance inquiries timely.

  • Assist in developing policy updates, team standards, guidelines, presentations, communications, project/task plans, and training in order to complete work with a high degree of quality in a timely fashion. Create compliance & risk management standard operating procedures, guidelines & work instructions and implement process improvements to ensure we are operating efficiently & effectively with the utmost quality.

  • Report regular metrics and status reports on the overall health and quality of the risk & compliance initiatives. Create and maintain detailed metrics, which clearly articulate appropriate information to support areas and management. Create detailed presentations of metrics and status to communicate to all levels of management.

  • Work with business and IT for critical controls reduction and provide communication, education and oversight.

  • Govern necessary oversight & monitoring to ensure people, processes and systems are compliant with Merck's internal corporate policies and standards and external regulations and applicable laws by

  • Assisting with tracking GxP/HAR Inspection Readiness audits and assessments, including detailed documentation reviews and interviewing to ensure quality

  • Planning and tracking findings and remediation and generate formal audit/assessment reports to application teams, business stakeholders, and management

  • Providing ongoing education - training and guidance on GxP Inspection Readiness

  • Providing support as needed during external Health Authority Regulatory inspections (FDA inspections)

  • Performing select SDLC Compliance assessments

Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its legacy for over a century. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

Education Minimum Requirement:

  • Bachelor’s Degree

Required Experience and Skills:

  • A Bachelor's degree is required.

  • A minimum of 3 years IT & life cycle experience

  • A detailed understanding of IT risk & compliance is required

  • A good understanding and application of Merck's Corporate policies and standards, such as SDLC, Information Risk Management, Privacy, etc.

  • Demonstrated experience triaging risk and monitoring controls, overseeing critical initiatives, assessing standards with evidentiary documentation – reports & metrics/measurements.

  • An Understanding of GxP Inspection Readiness audits and validating regulatory compliance and quality standards with evidentiary documentation – reports & metrics/measurements.

  • An understanding of external regulations and applicable laws, such as, GxP/HAR – Part 11, PDMA; Privacy, Safe Harbor, HIPAA, Corporate Integrity Agreement, Sarbanes Oxley, State Marketing laws, etc.

  • A demonstrated track record for analyzing processes for improvement including experience making process improvements and creating standard operating procedures.

  • Demonstrated ability to execute on multiple high priority tasks and report to all levels of management.

  • Excellent leadership, communication, and team collaboration skills

  • Excellent project management, risk management & compliance management skills

  • Demonstrated ability to generate detailed risk & compliance metric reports timely. Excellent Excel, Access, & Remedy/CMDB skills & experience

  • A strong Merck business and IT knowledge is required.

  • Experience working effectively with various levels of Merck staff worldwide.

Preferred Experience and Skills:

  • Over 5 years demonstrated experience working on or leading projects and executing on initiatives

  • Demonstrated experience in a risk or compliance role.

  • Demonstrated experience monitoring systems against policies, regulations, laws, and standards effectively.

  • An in-depth /detailed understanding of the Systems Development Life Cycle standards, in particular Risk Management/Risk Triage standards and Information Risk Management Security standards.

  • An in-depth/detailed understanding and experience using & reporting metrics from Merck’s CMDB Remedy system and reporting structure

  • An understanding/experience with Merck’s Archer system.

  • A demonstrated ability of interpreting internal compliance policies and external compliance regulations, in particular, 21CFR, Part 11 & PDMA, Sox & Privacy

Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life.

If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to staffingaadar@merck.com .

Search Firm Representatives Please Read Carefully:

Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck. No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.

Visa sponsorship is not available for this position.

For more information about personal rights under Equal Employment Opportunity, visit:

EEOC Poster at http://www1.eeoc.gov/employers/upload/eeocselfprint_poster.pdf

EEOC GINA Supplement​ at http://www1.eeoc.gov/employers/upload/eeocginasupplement.pdf

Merck is an equal opportunity employer, Minority/Female/Disability/Veteran – proudly embracing diversity in all of its manifestations.

Job Compliance & Risk Management

Merck is an equal opportunity employer, Minority/Female/Disability/Veteran – proudly embracing diversity in all of its manifestations.

Other Locations: NA-US-PA-West Point

Title: IT Human Health Risk Liaison

Primary Location: NA-US-NJ-Branchburg

Requisition ID: COM000696