Enterprise Security Architect

Band

Level 5

Job Description Summary

Location: Barcelona, Spain; Tel Aviv, Israel
#LI-Hybrid
Internal job title: Assoc. Dir. DDIT ISC Enterprise Security Architecture – Digital Workspace

The Enterprise Security Architecture team is looking for an Enterprise Security Architect - Digital Workspace, who will work across information security & risk management, with all information technology functions to ensure Novartis 'Digital Workspace' is designed and implemented as per defined policies, standards and industry good practices. They will be responsible for designing, implementing, and maintaining security controls for End User Computing (EUC), Microsoft 365, Voice and Video Collaboration platforms.

This role requires close collaboration with Enterprise Architects and Functional Security Architects to ensure a holistic approach to security across the organization. The successful candidate will be a strong communicator with deep technical skills and, more importantly, a pragmatist who can think outside the box. The individual must be highly collaborative as they will need to influence functional leadership, project and application managers, architects, engineers and developers.

The service area Digital Workspace includes Unified Endpoint Management (UEM), Microsoft365 (Including Gen AI, Copilot), Client, IAM (Identity and Access Management), printing and UCC Services (Unified Collaboration and communication i.e. email, messaging and virtual meetings), and Digital Workspace operations service desk & shared services.

 

Job Description

Key responsibilities:

• Develop and enforce security policies and procedures related Digital Workspace across Novartis businesses to meet business and regulatory requirements

• Design security measures and overall Digital Workspace architecture for the IT landscape in line with the ISC policy framework

• Support and continually review technology standards and controls related to Digital Workspace and recommend information technology strategies, policies, and procedures

• Identify design problems within the Digital Workspace domain

• Support projects to evolve Digital Workspace solutions from evaluation to implementation and assist the delivery of the operational model

• Support the auditing of security policies and procedures

• Management communication with key stakeholders and provide reports to management

• Provide ongoing support to maintain the Digital Workspace domain's effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information technologies

• Develop and maintain relationships with key stakeholders and vendors

• Support the direction of technological research by learning the organizational goals, strategies and business drivers

• Develop and maintain architecture diagrams and documentation related to Digital Workspace processes and procedures

• Break down the strategic objectives to requirements on the solution portfolio and target architecture

• Key contributor on products, services and/or infrastructure strategies that require complex or advanced conceptualization

• Research and evaluate new Digital Workspace security technologies and make strategic security technology choices, directly supervising the quality of designs and implementation inside and between components

• Work with improvements, by participation in the development, of the architectural principles, processes, and standards

Essential Requirements:

• University working and thinking level, degree in business/technical area or comparable education/experience

• 15+ years of working experience in Security domain; minimum 5 years in architecture capacity; 5+ years of Digital Workspace security essential

• 5+ years of experience of working in or providing IT services to a large enterprise like Novartis.

• Exceptional understanding of other security domains like Digital Workspace, Microsoft365, Data Protection, with good knowledge of Network Security, Identity and Access Management, SIEM, Vulnerability Management

• Exceptional understanding and knowledge of general IT infrastructure technology, systems and management processes

• Experience of sourcing complex IT services, working closely with vendors and making full use of their capabilities

• Good knowledge of IT Project Management: Proven experience to initiate and manage projects that will affect other divisions, departments and functions, as well as the corporate environment.

• Experience with compliance requirements (e.g. SOX, GxQ / CSV, E-compliance, Records Management, Privacy).

• Knowledge of (information) risk management related standards or frameworks such as COSO, ISO 2700x, CobiT, ISO 24762, BS 25999, NIST, ISF Standard of Good Practice and ITIL

• Strong leadership experience, with excellent written and verbal communication and presentation skills at all levels of the organization and experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on information risk topics; interpersonal and collaborative skills, as well as good mediation and facilitation skills

Desirable

• Good understanding and experience with Enterprise Architecture Frameworks like TOGAF will be an added advantage.

Commitment to Diversity & Inclusion:

We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Why Novartis?
Our purpose is to reimagine medicine to improve and extend people's lives and our vision is to become the most valued and trusted medicines company in the world. How can we achieve this? With our people. It is our associates that drive us each day to reach our ambitions. Be a part of this mission and join us Learn more here:

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here:

Accessibility and accommodation:
Novartis is committed to working with and providing reasonable accommodation to all individuals. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to receive more detailed information about the essential functions of a position, please send an e-mail to and let us know the nature of your request and your contact information. Please include the job requisition number in your message.

 

Skills Desired

Business Architecture, Business Value Creation, Change Management, Consulting, Decision Making Skills, Digital Capabilities, Effective use of Technology, Enterprise Architecture, Influencing Skills, IT Governance, Organization Awareness, Solution Architecture, Stakeholder Management

---