Regulatory Compliance Specialist 4
Location: Bedford, Massachusetts
Posted: September 30, 2016
Reference ID: 160012XC
Oracle is on the move! Our constant drive to lead the technology race to provide our clients with the competitive edge has yielded wide success. Growth is a natural outcome of this success, and we are certainly hiring to meet our needs. This is where you come in!
The Principal Specialist, Risk Management and Regulatory Compliance will share global responsibility with the R&C team to ensure compliance to relevant government and industry regulations (21 CFR 11, ICH GCP, and Guidance for Industry-Computerized Systems Used in Clinical Trials) for the development of software products and delivery of services. Interface with Senior Management, and all levels of functional management throughout the company to create, implement, improve, and monitor quality practices and procedures in accordance with the Quality Management System. Inform Senior Management of any corporate non-compliance incidents or regulatory compliance issues, which may arise internally, with outside customers or with third party contractors
• To stay abreast of industry and federal regulations as cited above, and provide guidance and expertise to the global organization in the areas of regulatory compliance and quality.
• Participate in the independent regulatory, audit, and quality assurance function for global organization.
• Assist in building the customer audit program
• Field customer requests and assist in scheduling audits, while coordinating and driving customer deliveries with other Risk Management & Regulatory Management personnel.
• Host customer audits on-site and via web sessions. Participate in customer audits as a presenter and subject matter expert in the areas of Service Delivery, validation, and product functionality and testing.
• Provide responses to customer audit reports and customer questionnaires.
• Create and manage CAPA requests until closed.
• Provide feedback from the customer audit program to other areas of Risk Management & Regulatory Compliance and the business unit for further improvements.
• BS/BA Degree in scientific discipline or 5 years experience as a QA professional in a regulated pharmaceutical environment, or with a Contract Research Organization (CRO), Healthcare related degree (RN, LPN, Registered Pharmacist), with formal training or experience in regulatory affairs, and quality systems. RAPS certification a plus.
• Experience in conducting vendor audits of computer systems and/or software suppliers.
• Must have a working knowledge of relevant industry and government regulations, including: 21 CFR 11, ICH GCP, and Guidance for Industry-Computerized Systems Used in Clinical Trials.
• Must have experience in the development, and maintenance of quality management system.
• Must possess effective communication skills, and proven abilities in interfacing with customers.
• Ability to managing multiple projects/priorities.
• Must be methodical, well organized and detail oriented. Individual must be readily adaptable to a fast-paced, multidisciplinary team-based environment.
• Must be able to be on-site in the Bedford MA office as-needed. Currently, this is 2-5 days/week.
Assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies.
Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Support the creation of a comprehensive risk management and regulatory oversight program, including specifications for product and service design aligned with Oracle Software Security Assurance and Security Architecture. Review specifications. Develop training for GBU development, cloud services, services and operations teams on industry regulatory specifications applicable to their products and services. Execute risk assessments and evaluate risks to the business and develop risk mitigation strategies. Work with members of GBU development, cloud services, services and operations teams to incorporate applicable industry regulatory standards, Oracle security policies and customer-contractual obligations into GBU processes and standards. Coordinate industry and regulatory certifications, including managing certification vendors (e.g., PCI, HIPAA,HITECH, ISO, SOC2). Build security documentation and collateral for customers and internal users allowing security to be a differentiator in this GBUs. Build management level metrics and reporting for activities that are owned by the Risk Manager. Execute a vendor security program.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. . Ability to travel. 8 plus years experience. BA/BS or advanced degree preferred. 5-7 years work in governance and compliance for a large corporation. CISA, CISM, CISSP, CIPP desired. Strong knowledge of IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 and SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 and ISO 27002. Experience with 21 CFR Part 11 and HIPAA. Knowledge and understanding of the delivery process for validated systems; specifically Computer System Validation process or CSV. Have an understanding of security standards and risk management. Experience working in Information Technology, Cloud or managed hosting services. Excellent written and verbal communication skills. Ability to adjust and adapt to changing priorities in a dynamic environment. Technical acumen and the ability to understand and interpret technical specifications. Technical knowledge of Oracle Applications and Database and/or infrastructure components. Project Management skills.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.