IT Risk Management Professional

Role Overview This position focuses on leading IT risk management and compliance initiatives within a regulated environment. You will be responsible for identifying, assessing, and mitigating IT and technology-related risks while ensuring alignment with applicable regulatory standards and frameworks. The role combines vendor oversight, system risk assessment, and cross-functional collaboration to maintain GxP compliance and data integrity. Key Responsibilities - Lead identification, assessment, and mitigation of IT and technology-related risks including GxP, data integrity, cybersecurity, and operational risks - Define and maintain a risk-based approach to IT governance aligned with FDA QMSR, 21 CFR Parts 11 and 820, ISO 13485, ISO 27001, and Annex 11 - Support system risk assessments for new tools, enhancements, upgrades, and decommissioning activities - Lead IT system and vendor risk assessments from quality and regulatory perspectives, ensuring GxP compliance and ALCOA+ data integrity - Conduct vendor risk assessments, due diligence activities, and ongoing monitoring for critical and high-risk vendors - Review vendor documentation including Quality Management Systems, SOC reports, and validation documentation - Coordinate and participate in vendor audits as required - Work closely with Information Security to ensure data protection, privacy, and cybersecurity controls support regulatory requirements - Support internal audits, regulatory inspections, and third-party assessments related to IT systems and vendors - Support CAPA development and remediation activities related to IT risk or vendor findings - Partner with IT, Quality, InfoSec, and Business teams to enable compliant technology adoption - Communicate complex compliance and risk concepts clearly to non-technical stakeholders Required Qualifications - Bachelor's degree in Information Technology, Computer Science, Engineering, Quality, or related field - 8 or more years of experience in IT Quality and Compliance, IT Risk Management, or Vendor Oversight within regulated environments such as pharma, biotech, or medical devices - Strong working knowledge of FDA QMSR, 21 CFR Part 820, 21 CFR Part 11, ISO 13485, ISO 9001, and ALCOA+ data integrity principles - Hands-on experience supporting vendor-hosted and SaaS systems in GxP contexts - Experience leading or supporting vendor audits - Familiarity with information security frameworks such as ISO 27001 and SOC 2 - Experience working with cloud-based systems and modern IT delivery models - Demonstrated experience partnering with Information Security teams Why Join Us Join UST and advance your career in IT risk management within a leading IT services organization. This role offers the opportunity to work on complex regulatory compliance challenges while influencing technology adoption across the organization.

- Bachelor's degree in Information Technology, Computer Science, Engineering, Quality, or related field - 8+ years of experience in IT Quality and Compliance, IT Risk Management, or Vendor Oversight in regulated environments - FDA QMSR and 21 CFR Part 11 knowledge - ISO 13485, ISO 9001, and ISO 27001 expertise - ALCOA+ data integrity principles understanding - Vendor audit experience - Cloud-based systems and SaaS experience in GxP contexts - Information Security frameworks familiarity - Due diligence and risk assessment capabilities - Vendor monitoring and compliance expertise