Senior Manager / Associate Director, Computer Systems Assurance (Quality)

Nurix•Brisbane, CA

9h•Onsite

About The Position

The Senior Manager / Associate Director, Computer Systems Assurance (CSA) is an important technical and operational leader within the Nurix Quality Systems organization, responsible for owning and advancing Nurix's computer systems assurance program. As a virtual drug developer, Nurix operates through a lean internal infrastructure and relies on a curated ecosystem of Software-as-a-Service (SaaS) and cloud-hosted platforms to support GxP-regulated activities across clinical development, quality operations, manufacturing oversight, and regulatory submissions. This role will serve as the primary subject matter expert and program owner for all CSA and computerized system validation (CSV) activities at Nurix. Reporting to the Vice President / Senior Director, Quality Systems, this individual will establish and maintain Nurix's risk-based CSA framework aligned with current regulatory expectations, including the FDA's 2022 guidance on computer software assurance, GAMP 5 (2nd edition), and applicable 21 CFR Part 11 and Annex 11 requirements. The role requires an individual who combines deep technical knowledge of GxP computerized systems with practical experience in SaaS and cloud-based platform qualification, and who can translate regulatory requirements into pragmatic, fit-for-purpose validation approaches that support a modern, agile biotech environment. This is a high-impact, program-ownership role requiring both strategic vision and hands-on execution. The successful candidate will work closely with Quality, IT, Regulatory Affairs, CMC, Clinical Operations, and external vendors to ensure that all GxP-critical systems are appropriately assessed, validated, and maintained in a compliant state. The individual will champion a risk-based, science-driven approach to CSA across the organization.

Requirements

Bachelor's degree in computer science, information systems, life sciences, pharmaceutical sciences, or a related field.
7–10+ years of progressive experience in computer systems validation and/or computer systems assurance in a GxP-regulated pharmaceutical, biopharmaceutical, or biotechnology environment.
Demonstrated expertise in current regulatory requirements for computerized systems, including FDA 21 CFR Part 11, EU Annex 11, FDA CSA guidance (2022), and GAMP 5 (2nd edition).
Hands-on experience validating SaaS and cloud-hosted GxP platforms; understanding of vendor-managed environments and shared responsibility models.
Proficiency authoring and reviewing CSA/CSV deliverables: VMPs, URSs, Risk Assessments, IQ/OQ/PQ protocols, traceability matrices, and validation summary reports.
Strong working knowledge of data integrity principles (ALCOA+) and their application to electronic records management and GxP system design.
Experience managing system change control and periodic review programs for validated GxP systems.
Ability to operate as both program owner and individual contributor in a lean, virtual organizational model; comfortable managing validation activities without a large internal support team.
Excellent written and verbal communication skills; able to translate complex technical and regulatory requirements into practical guidance for diverse stakeholders.
Strong organizational skills and attention to detail; demonstrated ability to manage multiple concurrent programs and priorities in a fast-paced environment.

Nice To Haves

Experience with eQMS validation (e.g., Veeva Vault) and familiarity with Veeva's Qualified System approach and available supplier documentation.
Familiarity with clinical development platforms such as electronic data capture (EDC), regulatory information management (RIM), or clinical trial management systems (CTMS) in a validated context.
Experience supporting FDA, EMA, or equivalent Health Authority inspections as a CSA subject matter expert.
Exposure to laboratory informatics systems (LIMS, ELN) and their GxP qualification requirements.
Experience in a virtual or lean biotech environment managing validation activities through external vendors and consultants.
Working knowledge of cybersecurity frameworks and their intersection with GxP system compliance (e.g., NIST, SOC 2).
Advanced degree in a relevant scientific, engineering, or regulatory discipline.

Responsibilities

Own and maintain Nurix's Computer Systems Assurance policy framework, SOPs, and risk-based validation strategy, aligned with FDA CSA guidance (2022), GAMP 5 (2nd edition), 21 CFR Part 11, EU Annex 11, and applicable ICH guidelines.
Define and implement a fit-for-purpose, risk-tiered approach to system qualification for SaaS and cloud-hosted GxP applications, recognizing the vendor-managed nature of modern software platforms.
Maintain the GxP system inventory; conduct and document periodic system risk assessments to classify systems and determine appropriate validation scope and rigor.
Establish and maintain processes for vendor assessment, including review of vendor SOC 2 reports, quality agreements, and audit strategies appropriate for SaaS providers.
Drive continuous improvement of the CSA program through benchmarking, regulatory intelligence, and adoption of industry best practices.
Lead and execute validation activities for GxP SaaS platforms including, but not limited to, eQMS (e.g., Veeva Vault), electronic document management, clinical data management, regulatory information management, and laboratory information systems.
Author and review validation documentation including Validation Master Plans (VMPs), User Requirements Specifications (URS), Risk Assessments, Vendor Assessments, Validation Protocols (IQ/OQ/PQ), Traceability Matrices, and Validation Summary Reports.
Manage validation activities associated with system implementations, major configuration changes, upgrades, and periodic re-validation reviews, applying critical thinking to scope validation effort proportionate to system risk and change impact.
Coordinate validation testing activities with cross-functional stakeholders; ensure test scripts are appropriately designed to demonstrate fitness for intended use.
Review and approve validation deliverables prepared by internal teams, vendors, or external validation consultants.
Serve as the internal subject matter expert for 21 CFR Part 11 and EU Annex 11 requirements; assess systems for compliance and provide guidance to cross-functional partners.
Partner with IT and system owners to ensure electronic records and electronic signature controls are properly implemented and documented in all GxP systems.
Support data integrity assessments and remediation initiatives; apply ALCOA+ principles to guide compliant system design and use.
Manage the computerized systems change control process; evaluate proposed changes for validation impact and establish appropriate assessment, testing, and documentation requirements prior to implementation.
Own and execute the periodic review program for validated GxP systems; assess continued fitness for intended use and compliance with current regulatory expectations.
Maintain validation status documentation and ensure validation files are audit-ready at all times.
Support preparation for regulatory agency inspections; serve as the CSA subject matter expert during FDA, EMA, and other Health Authority inspections and ensure validation documentation is complete, current, and accessible.
Contribute to relevant sections of regulatory submissions and respond to agency questions related to computerized systems and data integrity.
Monitor evolving regulatory guidance and industry standards related to CSA, CSV, data integrity, and cloud-based systems; proactively adapt Nurix's program to reflect current expectations.
Serve as the primary point of contact and internal consultant for all GxP system owners across Quality, IT, Regulatory Affairs, CMC, and Clinical Operations.
Develop and deliver CSA training for system owners, end users, and other stakeholders to build organizational capability and awareness.
Partner with IT and vendor project teams to embed validation requirements early in system selection and implementation processes.