Director of IT Quality, Risk, Validation and Change Management

About The Position

Requirements

• Bachelor’s degree required.
• 10 years in GxP IT validation/assurance, IT quality, IT risk and change management.
• 5 years of leadership experience

Nice To Haves

• 12+ years in GxP IT validation/assurance, IT quality, IT risk and change management with substantial hands-on computer system validation/assurance experience, preferably in a central lab environment.
• Master’s Degree preferred
• Strong experience with, GAMP 5 and CS, Regulatory inspections, Enterprise systems (SAP, LIMS, MES, Veeva, etc.)
• Demonstrated capability to select and execute optimal IT validation methods and techniques for obtaining results consistent with business goals.
• Experienced in the development of Computer System Assurance process in alignment with FDA guidance with successful organization transition.
• Experience in FDA regulated environment with demonstrated understanding of cGxP (cGMP, cGAMP, cGLP) standards and Risk based validation.
• Experience in data privacy and security regulations (e.g. HIPAA and GDPR).
• Demonstrated expertise in all computer-related aspects of GxP, including 21 CRF Part 11.
• Experience in reviewing computer system validation/assurance artifacts, including system and user requirements, validation scripts and traceability matrix, system management plans and design specifications.
• Experience in writing and executing documentation for all aspects of the IT validation/assurance deliverables (IT related compliance/validation plans, test protocols, validation summary reports and compliance/validation reports).
• Expert knowledge and application of Computer System IT Validation/Assurance), IT Change Control and SOP development.
• Demonstrated success managing personnel and vendors.
• Excellent oral and written communication skills.
• Effective interpersonal and leadership skills.
• Demonstrated ability to work with others in a team environment.
• CCMP (Certified Change Management Professional).
• Computer System Validation certification.
• Certified Software Quality Engineer (CSQE) preferred.
• Experience implementing validation automation tools (Kneat, Veeva, ValGenesis, etc.).
• Knowledge of cybersecurity in regulated environments.
• Certifications (optional): PMP, ITIL, ASQ (CQA, CQE), ISPE / GAMP-related training

Responsibilities

• Working with IT and QA leadership and other departments , develops, reviews, modified, secures approvals and implements all IT validation, IT risk management, IT Change management SOPs ensuring that they and associated QA policies comply with all regulatory requirements (GXP, CFR, ISO, MHRA, MOH, HIPAA) and GAMP5 guidance.
• Manages all IT organizational controls / structures related to computer system implementation / IT validation/assurance and Change management in alignment of GXP and computer Systems best practice guidelines.
• Ensures that the alignment of Computer System IT validation/assurance and change management expectation to organization risk.
• Working with IT and QA, ensure the development and completion of necessary IQ, OP, PQ and UAT testing are completed and approved to support required system activation and CM requirements.
• Work in conjunction with ACM QA leadership and the ACM PMO to ensure the development of comprehensive validation plans.
• Operates as the IT oversight at Drugscan to ensure IT testing and change management for those non-regulated systems align to industry best practice.
• Provides Computer Systems IT quality assurance oversight across the end-to-end product lifecycle for software development and validation/assurance lifecycle activities associated with regulated computerized systems (including lab equipment utilizing software) to ensure conformance to GxPs, guidance documents, applicable industry accepted standards.
• Manage all IT department Computer Systems SOPs, policies, working instructions, training records, validation/assurance protocols and other controlled documents related to the delivery of compliant IT validation/assurance, risk management, testing and change management.
• Responsible for programs and initiatives used to monitor and measure the overall quality of IT services, systems and software.
• Ensures that tracking systems capture useful operational metrics for use in reducing defects, improving services and optimizing implementation process.
• Work collectively with ACM QA to provide oversight of Computer Systems QA activities for projects involving GxP (Good Clinical Practice, Good Manufacturing Practice, Good Laboratory Practice) relevant computer systems.
• Work closely with project team members across all relevant departments to incorporate appropriate elements of IT quality, IT compliance, and sound change management into the system lifecycle.
• Provide management, guidance, documentation, and oversight of IT validation activities.
• Review and approve computer system IT validation artifacts.
• Provide leadership and tactical direction and guidance for changes to regulated computer systems.
• Manage CAPAs, deviations, and audit responses related to IT work efforts.
• Support internal and external compliance audits, including those with commercial clients and regulatory bodies.
• Coordinate audit preparation and response with all impacted departments.
• Evaluate areas of risk in IT business processes at ACM and Drugscan. This assessment will be ongoing throughout the year as more information is discovered, or regulatory bodies change requirements.
• Work collectively with IT security staff (ACM / RRH) to address identified IT security issues and to manage the over IT (ACM / DS) risk registry.
• Experienced in staff development / engagement.
• Develop a plan and coordinate the remediation of any audit or internal control findings identified by internal or external auditors.
• Work with both internal and external auditors to ensure remediation plan will satisfy all regulatory bodies.
• Review new client and IT vendor contract requirements related to IT validation/assurance, risk management and change management to ensure alignment and communicate to the proper ACM staff of concerns.
• Engage in contract negotiations with clients/vendors to ensure their expectation align with the organization’s capabilities and regulatory requirements.
• Digital Transformation & Automation - Responsible for the automation and departmental activities inclusive but not limited to Validation Lifecycle Management Systems, Testing automation and ITSM (change Management) systems.
• Implement and manage validation automation platforms (e.g., Kneat, ValGenesis, Veeva).
• Promote paperless validation and lifecycle digitization.
• Drive innovation using AI/ML-assisted validation tools (where applicable), Test automation and continuous validation.
• Implementation of change management systems (IVANTI) to drive paperless change request/ change management process / approvals.
• Keep up with GXP and other auditing regulatory bodies’ changes to regulations and interpret new guidance and new accounting standards and how to apply them to the company.
• Perform ad hoc IT risk assessments and drive improvements.
• Escalate and communicate control deficiencies to systems and business owners as required.
• Drives Change Management/Communication process and tools.
• Hire, develop, train, and evaluate performance of Computer Systems Compliance staff.
• Performs other duties as assigned