Permanent – Computer Systems Validation and InfoSec Lead
Our client is a leading global provider of personalised clinical trial and patient services, on a mission to revolutionise the clinical research industry by making life better for patients taking part in clinical trials. Drastically reducing patient drop-out rates, boosting the quality of recruitment and preventing disruption to clinical trials, to support clients getting products to market faster.
The organisation is currently going through a period of technology enabled transformation and rapid growth. We have started production of the next generation of our in-house developed enterprise platform, that will underpin the delivery of all of clients services to their client, patients, sites, and HCPs
Our clients technology must be delivered and operated to many standards and regulations, including ICH GCP, 25CFRPart 11, ISO 27001, BS10012, PCI DSS, best practice information security standards, data protection & GDPR, client requirements, and ethical standards. Their technology quality management system (TQMS), and the governance around it, including their computer systems validation (CSV) and InfoSec approach, should ensure these compliance needs are met, and that we are compliant and audit ready at all times.
In order to achieve this, we are recruiting for a Computer Systems Validation InfoSec Lead within the technology team, to be responsible for ensuring our in house developed solutions, back office applications, and general I.T. infrastructure, are compliant with relevant GCP regulations, Information Security requirements, and general Quality standards.
Primary Role Objectives
The primary objective of this role is to design and deliver the governance, processes, policies, procedures, and documentation, required to ensure that our technology solutions:
- Are qualified and validated for ICH GCP compliance (eg; 25 CFR Part 11)
- Meet InfoSec standards, requirements, and best practices (eg; ISO27001)
- Pass GCP and InfoSec audits, and client RFP/RFI responses
The secondary objective of this role is to extend this governance, processes, policies, procedures, and documentation, to also ensure that for technology:
- There is a robust quality framework in place (policies, processes, SOPs, documentation, checks, procedure, events, etc), to meet all our quality standards, best practices, and requirements. And that this framework is aligned and operates within the wider company QMS.
- All solutions are designed, implemented, operated, and supported, in accordance with this framework.
- That any in-house developed solutions, are delivered within a defined Software Development Life Cycle framework (SDLC).
- That any 3rd party technology solutions meet our GCP compliance, InfoSec, and Quality standards.
- That our internal I.T. meets our GCP compliance, InfoSec, and Quality standards.
- The technology team are aware of, advised, trained, and working to, our framework.
- We are audit ready and can pass all audits and inspections (GCP, ISO, BSI, InfoSec, external, internal, etc) including client related audits and responses (RFIs, RFPs, MSAs, etc).
- Evidence of success and extensive experience in a similar validation and compliance role within a Clinical Trial context, at a CRO, Pharmaceutical, Life Science or similar.
- Extensive knowledge and understanding of GxP and computerized systems regulations and regulatory guidelines.
- Evidence of being able to design a technology compliance strategy and plan to deliver it.
- Experience designing, implementing, and delivering Computer Systems Validation plans for technology solutions. With an in depth understanding of validation principles and practices and a risk-based approach.
- Excellent knowledge and experience of InfoSec and related standards and regulations, within both I.T. and software development (SDLC) environments. In depth experience of ISO27001 and similar standards.
- Good understanding of Electronic Records and Electronic Signatures, e.g. USA 21 CFR Part 11, EU GMP Guidelines, Chapter 4, Annex 11 and GAMP 5.
- Good understanding and experience of Quality Management within an IT and Software development environment, including of SDLCs.
- Demonstrable experience of delivering GxP CSV, InfoSec, and Quality, compliance within a I.T. and software development teams, ensuring they adhere to regulatory and compliance requirements
Our client is look as much for the right personality/cultural fit, as well as the clinic trials experience, as they are very much a small but rapidly growing organisation with a “Can Do” attitude running across the business.
In return they will offer a very competitive base salary, comprehensive range of benefits and a true work from home policy, with the expectation of attending their office location on an as-and-when basis ( 2-3 times per month )
Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website.
Damia Group is acting as an Employment Agency in relation to this vacancy.