Job Information
Amgen Policy Exception and Audit Governance Specialist in Washington D.C., District Of Columbia
HOW MIGHT YOU DEFY IMAGINATION ?
You’ve worked hard to become the professional you are today and are now ready to take the next step in your career. How will you put your skills, experience and passion to work toward your goals? At Amgen, our shared mission—to serve patients—drives all that we do. It is key to our becoming one of the world’s leading biotechnology companies, reaching over 10 million patients worldwide. Come do your best work alongside other innovative, driven professionals in this meaningful role.
Policy Exception and Audit Governance Specialist
Live
What you will do
Let’s do this. Let’s change the world. In this vital role you will be a vital part of Amgen’s Cybersecurity & Digital Trust’s (CDT) Governance, Risk and Compliance team. In this position you are responsible for implementing and maintaining audit, policy exception and security issue management processes to stabilize and enhance the performance of these services. This role includes hands-on activity to manage policy exceptions, track audit commitments, and manage security issues.
To be successful, you will require strong collaboration with control owners, service owners, engineers, and other Amgen internal partners such as Law, Compliance, Corporate Audit, Quality and Finance to maintain and enhance Amgen’s IS governance landscape. You will also develop and enforce SLAs (Service Level Agreements) to ensure consistent and reliable security service delivery.
The Specialist is expected to deliver services and solutions that support the mission, priorities, and objectives of Amgen’s Cybersecurity & Digital Trust (CDT) team. You will be responsible for:
Policy Exceptions
Stabilize and manage a process for handling policy exceptions, including the review, approval, and documentation of exceptions.
Createanddocument policy exception recordsinServiceNowIRM.
Analyze policyexceptionsto understand and mitigate potential impacts.
Track,monitor,andmeasure all policyexceptionstoensuretheyare revisited and reassessed regularly.
Work with stakeholders to communicate policy exception process, develop compensating controls for policy exceptions, and ensure timely closure.
Developandimplementprocessesforcontinuousmonitoringandimprovement of policy exception management.
Ownandmaintainprocessdocumentation(e.g.SOP,knowledgebasearticles)todelivertheserviceandhelpinformstakeholders
Audit
Coordinate and prepare documentation and evidence required for audits, ensuring timely and accurate responses to audit requests.
Support addressing audit findings and recommendations
Createanddocument corrective action records (Remediation Tasks) inServiceNowIRMtofacilitateresolutionandimprovesecurityposture.
Track,monitor,andmeasure the progress of audit corrective actions toensuretheyare completed as planned.
Developandimplementprocessesforcontinuousmonitoringandimprovement of audit commitment management.
Identify and implement KPI’s
Ownandmaintainprocessdocumentation(e.g.SOP,knowledgebasearticles)todelivertheserviceandhelpinformstakeholders
Security Issue Management
Createanddocument Issue recordsinServiceNowIRMtofacilitate remediation andimprovesecurityposture.
Track,monitor,andmanagesecurityissues from observation to resolution.
Support control owners and service owners in determining underlying causes of security issues, identifying applicable control objective(s), and developing remediation approaches. Remediation Task records are recorded and trackedinServiceNowIRM.
Coordinate with accountable owners to ensure timelyresolution of Issues and Remediation Tasks.
Developandimplementprocessesforcontinuousmonitoringandimprovement of securityissuemanagement.
Ability to prioritize operational excellence of theserviceand supporting technology to deliver a safe, secure, reliable, compliant services and achieveoperationalobjectives
Actively engage with management to stabilize services and gain stakeholder support to achieveoperationalobjectives
Win
What we expect of you
We are all different, yet we all use our unique contributions to serve patients. The security professional we seek will have these qualifications.
Basic Qualifications:
Doctorate degree
OR
Master’s degree and 2 years of Information Security experience
Or
Bachelor’s degree and 4 years of Information Security experience
Or
Associate’s degree and 8 years of Information Security experience
Or
High school diploma / GED and 10 years of Information Security experience
Preferred Qualifications:
ServiceNow IRM experience
Prior policy exception, audit, and service management experience
AttentiontoDetail: Ensure accuracy and thoroughness in policyexceptionandaudit preparation.
Adaptability: Adjust to changing regulatory requirements and security threats.
ServiceOrientation: Focus on stabilizing and enhancing the quality of security services.
Collaboration: Work effectively with cross-functional teams, inform and educate stakeholders, and build strong relationships with stakeholders.
Ability to independently handle priorities and meet deadlines in a fast-paced,virtualteamenvironment
Superbcommunication, organization, and planning skills
Technical curiosity with strong logical, problemsolving, and decision-making skills
Driven and thorough with the ability to deal with complexity and ambiguity
Working experience in Agile / DevOps environment
Must be team-oriented, placing priority on the successful completion of team goals
Practical Knowledge ofInformationSecurity standards and frameworks such as ISO 27001/27002, NIST, and others
Preferred certifications:
- CISM, CISA, CompTIA Security, CISSP, GIAC
Thrive
What you can expect of us
As we work to develop treatments that take care of others, we also work to care for our teammates’ professional and personal growth and well-being.
The expected annual salary range for this role in the U.S. (excluding Puerto Rico) is posted. Actual salary will vary based on several factors including but not limited to, relevant skills, experience, and qualifications.
Amgen offers a Total Rewards Plan comprising health and welfare plans for staff and eligible dependents, financial plans with opportunities to save towards retirement or other goals, work/life balance, and career development opportunities including:
Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical,dentalandvisioncoverage,lifeanddisabilityinsurance, and flexiblespendingaccounts.
A discretionaryannualbonusprogram, or for field sales representatives, a sales-based incentive plan
Stock-based long-term incentives
Award-winning time-off plans and bi-annual company-wide shutdowns
Flexible work models, including remote work arrangements, where possible
Apply now
for a career that defies imagination
Objects in your future are closer than they appear. Join us.
careers.amgen.com
Application deadline
Amgen does not have an application deadline for this position; we will continue accepting applications until we receive a sufficient number or select a candidate for the position.
Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.