Tandym Tech

Serve as SME for CSA validation projects ensuring compliance with regulatory standards, managing risk assessments, drafting and reviewing validation documentation, and collaborating with cross-functional teams. | 7-10+ years in CSV and CSA, bachelor's in relevant technical field, strong knowledge of FDA regulations and GxP compliance, experience in life sciences or pharma industries, and strong communication and project management skills. | The CSA Validation SME is a key stakeholder within the ELC CSA Center of Excellence (COE). This role ensures the integrity of CSA projects with a strong focus on risk assessment, compliance, and regulatory adherence. Acting as a subject matter expert (SME), the CSA Validation SME serves as a bridge between COE leadership, protocol authors, and testers. The SME will ensure projects meet regulatory, data integrity, and organizational (R&D/GSC/IT) policies while maintaining best practices in validation and documentation. • **Long term contract to hire in Queens*** Responsibilities: • Provide expertise on validation project risk and complexity. • Maintain and promote validation best practices. • Gather project information from system owners and collaborate frequently with Business Analysts. • Ensure compliance with Good Documentation Practices (GDP). • Support the writing and review of reports summarizing CSA validation execution. • Collect feedback from System Owners on deliverables. • Draft, review, and execute validation documentation, including: • GxP Assessment • Risk Assessment (RA) • Validation Plan (VP) • Test Plan (TP) • Validation Summary Report (VSR) • Support the generation, review, and execution of additional validation documents as required. Qualifications: • Bachelor's Degree in Computer Science, Information Technology, Chemical Engineering, Biomedical Engineering, or a related field. • 7-10+ years of progressive experience in Computer System Validation (CSV) and Computer Software Assurance (CSA). • Strong knowledge of GAMP 5 and 21 CFR Part 11 standards. • Previous experience in GxP or life sciences industries. • Technical competency in FDA regulations. • Expertise in generating, reviewing, and resolving CAPAs. • Strong written and verbal communication skills. • Ability to collaborate effectively with cross-functional teams. • Self-directed with strong time management and project delivery skills. • Practical experience with Data Integrity and ALCOA+ principles is a plus. Desired Skills: • Extensive experience in Medical, Pharma, or Regulatory Compliance industries. • Strong CSA expertise; able to serve as SME. • Agile methodology knowledge preferred. • Strong communication, leadership, and collaboration skills. • Ability to manage competing priorities and meet deadlines. • Analytical, problem-solving, and solution-development skills. • Commitment to customer safety, data integrity, and product quality.

Lead SOC2 Type2 audit program including gap remediation, control testing, risk assessments, coordination with auditors, and compliance reporting. | 5+ years in technology audit/security compliance, 3+ years program management, SOC2 Type2 expertise, knowledge of security frameworks, cloud technology proficiency, and preferably relevant certifications. | We have a current opportunity for a Cybersecurity SOC2 Type2 Audit Analyst on a contract basis. The position will be remote based on th east coast. For further information about this position please apply. (No third-party candidates please) You will join an outstanding team of some of the most innovative minds in the business tasked with designing and deploying cybersecurity guardrails. You will be part of the Cybersecurity team leading all aspects of SOC2 Type2 Certification, including gap remediation and program management, partnering with business leaders to identify and mitigate operational, regulatory, and reputational cybersecurity risks related to SOC2 Type2 Audits. This is an exciting opportunity that will lead our most important and visible cybersecurity compliance initiative, the Soc2 Type2 cybersecurity audit. You will be the key contributor in implementing SOC2 Type2 Audit program, identifying & developing security controls, managing risk assessments, and partnering with IT to provide and implement recommendations for improvements. Your work will improve our processes and identify ways to make our IT control environment even better. Your key partners will be cloud domain architects, application developers, infrastructure teams, and the Cybersecurity organization as a whole. Major Responsibilities • Design and execute tests to validate identified system controls according to SOC2 Type2 requirements. • Prepare and lead efforts to achieve SOC 2 Type2 certification and maintain compliance. • Coordinate with external auditors and ensure all security documentation is up-to-date. • Identify potential gaps in the environment that may impact SOC 2 Type 2 certification, and implement security controls to mitigate these risks. • Evaluate control designs within system architecture, focusing on IT controls related to security and confidentiality. • Assess business and technology processes to determine the effectiveness of related technology controls. • Review system control efficiency, conduct testing to identify root causes, and provide improvement recommendations to senior management. • Track remediation of controls that are not functioning as intended and enhance the control environment to address evolving threats. • Lead and coordinate the preparation of detailed compliance reports, ensuring accuracy and alignment with SOC2 standards. • Take an active lead role in presenting the certification scope, progress, and outcomes to internal stakeholders across technology and business units. • Lead and manage all aspects of SOC 2 Type 2 audits, including scope expansion, audit readiness, walkthroughs, evidence collection, and coordination with internal and external auditors. • 5+ years working experience in a technology audit, security risk management, and/or security compliance role. • 3+ years of program management experience, including leading complex enterprise IT Audit programs. • Demonstrated experience with Soc2 Type2 IT/cybersecurity internal control definition, design, development, implementation, and monitoring. • Strong functional knowledge of multiple security domains, including industry standards and best practices in information security. • Experienced with implementing and/or auditing compliance programs based on frameworks such as COBIT, COSO, SOC 2, ISO 27001, and NIST 800-53. • Understanding of cybersecurity risks management practices, covering the full lifecycle of activities, including risk identification, assessment, mitigation, monitoring, and reporting. • Experience in mapping and rationalizing controls to meet SOC2 Type2 requirements. • Strong interpersonal skills, with a history of effective collaboration with internal clients providing support services. • Proficiency with cloud infrastructure technologies and services, such as AWS, Azure, and a variety of enterprise SaaS solutions. • Preferred certifications include CRISC, CISA, or ISO 27001 Auditor. internal control systems. Educational Background Required • Bachelor's Degree in Computer Science Preferred