Senior Regulatory Compliance Specialist - Health Sciences-21000NTC
- Experience Level
- Experienced (non-manager)
Applicants are required to read, write, and speak the following languages: English
This role can be based in any European Country.
Overview of the Organization
The Oracle Health Sciences GBU (Global Business Unit) provides industry leading solution to life sciences organizations including pharmaceutical companies, CROs (Contract research Organizations), academic research and healthcare providers. The portfolio of Oracle Health Sciences includes cloud and/or on-premise solutions for eClincal (eCRF, RTSM, CTMS, Study Start-up, Clinical Analytics, and Clinical Warehousing), pharmacovigilance/device vigilance and signal detection, healthcare interoperability and enterprise healthcare analytics. Oracle is leveraging AI/ML technologies to drive efficiencies in industry data management processes.
The Regulatory Compliance and Risk Management (R&C) function provides in-house expertise to service delivery, product development and product support functions on clinical and safety domain compliance. Additionally R&C manages the quality management system (QMS), assists sales activities and coordinates internal & customer audit programs. R&C undertakes a range of compliance and risk management programs including HIPAA/HITECH assessments and actively monitors the external regulatory environments whilst working with industry bodies to establish and promote best practices.
The Oracle Health Sciences Risk & Compliance function is seeking to recruit a Senior Regulatory Compliance Specialist to assist the regulatory risk team with assessing the compliance requirements of new and evolving solutions and services, assessing and driving changes arising from both developments in the external regulatory environment and the provision of support to customers for regulatory inspections.
The successful candidate will be expected to interface with both senior management and the various delivery teams across Oracle Health Sciences to support customer inspection needs and to define and maintain our compliance posture in an environment of increasing cloud service growth, system integration and regulation.
- Provide compliance assistance and support to customers and internal functions responding to regulatory agency inspection requests.
- Supporting designated eClinical, safety and healthcare product development teams with regard to domain and computerised system validation (CSV) compliance requirements and expectations with particular consideration to compliance requirements for cloud implementations.
- Contribute to the maintenance of the Oracle Health Sciences Quality Management System (QMS) to comply with applicable requirements.
- Work with internal teams to implement process/product improvements based on outcome of audit observations.
- Assisting Risk & Compliance colleagues during internal / customer / supplier audits. Contribute to the preparation of customer audit or other required responses.
- Provide education to Oracle Health Sciences and related line of business personnel on domain compliance requirements.
- Maintaining familiarisation with evolving industry and regulatory requirements particularly in the eClinical and safety domains. Disseminate information about regulatory developments and educate Oracle Health Sciences accordingly.
- Provide input and guidance from a regulatory and quality perspective to Oracle Health Sciences lines of business to facilitate timely decision making related to product development, service delivery, product support and business development.
- BS/BA Degree in scientific discipline or 10+ years of experience as a QA professional in a regulated pharmaceutical or device environment (preferably GCP).
- Experience is implementing/applying risk management programs within the GXP arena.
- Must have a sound knowledge of key relevant industry and government regulations (e.g. 21 CFR 11, ICH GCP R2, EU Annex 11, GPvP) in the clinical and/or safety domains, together with demonstrable practical experience of applying these to computerized systems in these domains.
- Awareness of key data privacy legislation (for example HIPAA/HITECH and/or EU GDPR) impacting the eClinical and Safety domains.
- Familiarity with computerized systems validation (CSV) approaches (e.g. GAMP5, FDA guidance on software validation) and practical experience applying such approaches to clinical or safety related systems.
- Practical hands-on experience with the preparation and conduct of regulatory GXP inspections essential
- Candidate must be a self-starter; who takes the initiative and has the ability to work independently and manage multiple projects/priorities.
- Superior communication skills (interpersonal, verbal, presentation written, email).
- Must have proven abilities in driving change within an organization.
- Must be methodical, well organized and detail oriented. Individual must be readily adaptable to a fast-paced, multidisciplinary team-based environment.
- Ability to travel internationally as required.
- Experience in conducting supplier and internal audits of computerized systems and/or software/cloud suppliers beneficial.
- Practical experience with Oracle Health Sciences eClinical or Safety products desirable.
Position Location: UK/EU/EEA
Travel Component: Approx. 5-10%
Detailed Description and Job Requirements
Assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies.
Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Drive the development and implement a comprehensive risk management and regulatory compliance strategy across the GBUs to optimize and continuously improve the information security of the GBU products and services. The role requires coordination between the GBUs* Development, Cloud Services, Services, and Operations teams and Oracle's centralized Corporate Security Group and Oracle Legal organizations. This team will ensure that the IT environment implements, demonstrates and continuously monitors the controls necessary to meet key security frameworks and regulatory specifications including ISO 2700x, PCI DSS,HIPAA and SSAE 16 as needed by the GBUs. Facilitate third party attestations, audits and certification efforts for the GBUs. Develop customer facing documentation that describe the security and compliance across the GBUs including Oracle Cloud for Industry. Assess the Cloud compliance and security landscape to keep OCI controls current with industry standards. Interface with corporate groups including Corporate, Privacy and Security legal and Internal audit to ensure compliance with policy. Lead project team members and formalize risks and key controls associated with significant Oracle Cloud for Industry and GBU processes. Manage the vendor security program for the GBUs. Coordinate audit testing, documentation, self-assessment testing and remediation activities. Make recommendations to correct deficiencies identified during the various audits. Perform the role of compliance consultant and subject matter expert for the Oracle GBUs to help them improve their control environment as necessary. Manage project functions including project scheduling, tracking, communications, and controlling to ensure project meets deadlines and remains on schedule.
Acknowledged authority within the Corporation. Exercises creativity and independent judgment in developing methods, techniques, and evaluation criteria. Ability to travel. 10 plus years experience. Bachelor Degree or equivalent. CISA, CISM, CISSP, CIPP desired. 10+ years related experience. Formal training in project management. Fluency & extensive experience IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002. Strong working knowledge of IT processes and IT infrastructure. Proven ability to combine business acumen, technical acumen and process expertise to define control specifications for SSAE 16 SOC 1 & SOC 2, PCI, ISO 27002 . Demonstrated success in leading, controlling, & completing IT projects. Proven ability to influence & gain buy-in at multiple levels, across divisions, functions and cultures; comfort working with executive level management. Demonstrated ability to achieve results through cross-functional, virtual teams. Ability to prioritize, manage, and deliver on multiple projects simultaneously; highly motivated and able to work against aggressive schedules. Strong bias toward action, flexible, resourceful, and able to operate effectively within a dynamic, fast-pace environment. Superior communication skills (interpersonal, verbal, presentation written, email. Positive attitude, team player, self-starter; takes initiative, ability to work independently. Discretion in handling confidential information.
As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).
: Business Operations
: Yes, 25 % of the Time
: IT-Italy, CZ-Czech Republic, HU-HU,Hungary-Budapest, IE-IE,Ireland-Dublin, NL-Netherlands, HU-Hungary, BE-BE,Belgium-Vilvoorde, BE-Belgium, ES-Spain, PT-Portugal
: Regular Employee Hire