Eli Lilly and Company
Legal Digital Sustainability Risk Integrator
Eli Lilly and Company, Indianapolis, Indiana, us, 46262
At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.We are seeking a skilled and motivated Digital Sustainability Risk Integrator to join our data governance, privacy, cybersecurity, and artificial intelligence team (the “digital sustainability team”) within the Legal department. The successful candidate will play a crucial role in ensuring the Digital Sustainability Governance, Risk and Compliance (GRC) framework controls are consistently incorporated across the organization.Do you have experience in Privacy and AI frameworks related to risk management? We are looking for hardworking talent to join our Legal team. Consider this role in our growing Digital Sustainability team today!Responsibilities
Partner with 2nd and 3rd lines of defense organizations to align risk management practices and ensure cohesive implementation of the Digital Sustainability framework controls (e.g. Quality, audit functions, Ethics & Compliance).Work alongside other risk assessment processes to identify, evaluate, and mitigate potential risks related to privacy, AI, and data governance (e.g. Working with Third Parties (WwTP), Regulatory, Information, Security, and Quality (RISQ), Privacy Impact Assessments, AI use case reviews).Support Digital Sustainability Embedded Team in identifying artificial intelligence and privacy risks in business processes by establishing risk review process and artifacts that align to the framework.Collaborate with Global Information Governance workstreams to maintain and enhance the corporation's data governance policies and procedures.Continuously gather business partner feedback to make recommendations on improving the framework.Develop key performance & risk metrics to demonstrate the success of the digital sustainability program.Refine and maintain policies, procedures, and job aids supporting the framework.Research and keep abreast of the latest data governance, artificial intelligence, privacy trends, laws, and best practices.Leverage technology, including artificial intelligence, to automate and find efficiencies in various program controls.Basic Qualifications
Bachelor degree in risk management, law, computer science, information management, or related field.Proven experience (3+ years) in a GRC or privacy program management roles, preferably in a technology-focused role.Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization and/or visas for this role.Additional Skills/Preferences
Experience working with or in 2nd or 3rd lines of defense.Experience with related internal risk assessment processes (e.g. WwTP, RISQ, AI).Certification in artificial intelligence, privacy, or risk management such as AIGP, CIPP, CIPM, CIPT or CRISC, is strongly preferred.Working knowledge of laws, regulations, and standards (e.g. NIST AI RMF, NIST Privacy Framework, ISO, NIST CSF, EU AI Act, GDPR, CPRA, HIPAA) in the realm of Digital Sustainability (e.g. privacy, artificial intelligence, cybersecurity, and data governance).Continuous improvement and control design approach.Experience with privacy-enhancing technologies, data governance, and risk management.Proficiency in developing and tracking privacy metrics and key performance indicators.Proficiency in PIA/DPIA methodologies, presided over or contributed in privacy by design work.Familiarity with risk assessment tools and methodologies, data governance software, and AI technologies.Experience as an IT/Security/Privacy Auditor.Strong communication, presentation, and interpersonal skills.Ability to work independently and collaboratively in a fast-paced environment.High attention to detail and accuracy.
#J-18808-Ljbffr
Partner with 2nd and 3rd lines of defense organizations to align risk management practices and ensure cohesive implementation of the Digital Sustainability framework controls (e.g. Quality, audit functions, Ethics & Compliance).Work alongside other risk assessment processes to identify, evaluate, and mitigate potential risks related to privacy, AI, and data governance (e.g. Working with Third Parties (WwTP), Regulatory, Information, Security, and Quality (RISQ), Privacy Impact Assessments, AI use case reviews).Support Digital Sustainability Embedded Team in identifying artificial intelligence and privacy risks in business processes by establishing risk review process and artifacts that align to the framework.Collaborate with Global Information Governance workstreams to maintain and enhance the corporation's data governance policies and procedures.Continuously gather business partner feedback to make recommendations on improving the framework.Develop key performance & risk metrics to demonstrate the success of the digital sustainability program.Refine and maintain policies, procedures, and job aids supporting the framework.Research and keep abreast of the latest data governance, artificial intelligence, privacy trends, laws, and best practices.Leverage technology, including artificial intelligence, to automate and find efficiencies in various program controls.Basic Qualifications
Bachelor degree in risk management, law, computer science, information management, or related field.Proven experience (3+ years) in a GRC or privacy program management roles, preferably in a technology-focused role.Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization and/or visas for this role.Additional Skills/Preferences
Experience working with or in 2nd or 3rd lines of defense.Experience with related internal risk assessment processes (e.g. WwTP, RISQ, AI).Certification in artificial intelligence, privacy, or risk management such as AIGP, CIPP, CIPM, CIPT or CRISC, is strongly preferred.Working knowledge of laws, regulations, and standards (e.g. NIST AI RMF, NIST Privacy Framework, ISO, NIST CSF, EU AI Act, GDPR, CPRA, HIPAA) in the realm of Digital Sustainability (e.g. privacy, artificial intelligence, cybersecurity, and data governance).Continuous improvement and control design approach.Experience with privacy-enhancing technologies, data governance, and risk management.Proficiency in developing and tracking privacy metrics and key performance indicators.Proficiency in PIA/DPIA methodologies, presided over or contributed in privacy by design work.Familiarity with risk assessment tools and methodologies, data governance software, and AI technologies.Experience as an IT/Security/Privacy Auditor.Strong communication, presentation, and interpersonal skills.Ability to work independently and collaboratively in a fast-paced environment.High attention to detail and accuracy.
#J-18808-Ljbffr