北京招聘

As a security and compliance specialist, you will help ensure ongoing compliance with relevant regulations and maintain current certification status against select standards and certifying bodies.You will be responsible for monitoring compliance with security standards, internal periodic security maintenance, internal security audits, third party security assessments, and coordinating external audits. You will foster a compliance culture throughout Veeva, communicate effectively and build positive relationships with other Veeva teams. Your area of focus will be China. 

What You’ll Do

●      Perform compliance assessments against stand industry frameworks such as ISO 9001, ISO 27001, SOC 2 Type 2

●      Coordinate and monitor periodic audits and inspections by third party assessors for ISO, SOC2, ISMS

●      Monitor compliance with Veeva policies and procedures

●      Identify policy and process improvement opportunities, develop recommendations, and communicate with stakeholders collaboratively

●      Perform risk assessments, which involves analyzing risks as well as identifying and articulating the impact to the business.  Prepare risk reports for different audiences throughout the organization including senior executives and business unit management.

●      Monitor the implementation of mitigating projects and their impact in reducing compliance risk scores.

●      Advise management on risk and control issues, provide practical recommendations to ensure that risks are properly managed

●      Provide support to local staff (Account Execs, Customer Service Management, Services) in response to inquiries into compliance with industry standards (ISO) and regulations. Interface with Audit Inspection Management to coordinate responses to audits.

●      Define local document management procedures and ensure in alignment with corporate policy, ensure product releases follow good change management practices and documented accordingly

Requirements

●      Bachelor’s degree or higher in a relevant field

●      Strong oral and written English and Mandarin language skills

●      Strong presentation and communication skills along with experience in preparing reports for senior executives

●      Knowledge and experience with China’s MLPS up to at least class 2

●      3+ years of relevant internal audit and/or corporate compliance experience

●      2+ years of experience, with ISMS frameworks such as ISO27001, SOC2 Type 2

●      Proficiency in a risk management framework and experience in conducting risk assessments (PHA, FMEA, HACCP).

●      Ability to form working relationships with internal and external stakeholders

●      Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines

●      Ability to work independently or as a member of a team

Nice to Have

●      CISA, CRISC, CISSP, CIPP, CIPM, CIPT, or other professional certification

●      Experience with or working knowledge of Amazon Web Services

●      Experience with or working knowledge of AliCloud.

●      Experience helping IT organizations understand compliance requirements, evidence gathering requirements, implementing compliance-related processes and tools

●      Foundation in Pharmaceutical GxP and ICH frameworks

●      High level understanding of best practices in security, policy creation and risk management

●      Experience of working in a globally oriented team on enterprise infrastructure and security

    

Veeva是一家总部位于美国加州，为生命科学领域客户提供系统、数据解决方案的供应商，十年前的Veeva带着对中国本土市场的憧憬来到了上海。

Veeva is one Califonia based leading IT system, data solution provider in the life science industry. With the vision and expectation of China marketing, Veeva made a big push into Shanghai in 2011.

Veeva在中国业务迅速的崛起除了Veeva产品本身的优势，也和Veeva背后每一位伙伴息息相关。在Veeva，我们坚信如果有正确的公司文化，有优秀的伙伴，那公司就会有好的产品，会健康的成长。

The booming business of China Veeva are inseparable not only from Veeva’s product success but also the employee success at Veeva.

上海办公地点：静安寺越洋广场
北京办公地点：平安国际金融中心
大连办公地点：大连软件园