Associate Lead Consultant - Validation Testing Job

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.

At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.

We are looking forward to hire Validation Testing Professionals in the following areas :

Job description:

Experience required: 10+ years

IT Risk and Vendor Compliance Lead

Role Summary

This role is responsible for establishing, maintaining, and continuously improving the company’s IT quality, risk, and vendor compliance framework. This role ensures that IT systems and third‑party vendors supporting regulated processes are fit for intended use, compliant with regulatory requirements, and aligned with quality and data integrity expectations.

The role works in close partnership with Information Security (InfoSec) to ensure technology risks are appropriately identified, assessed, and managed across quality, security, and compliance domains, while maintaining clear ownership boundaries between Quality and Security responsibilities.

Key Responsibilities

IT Risk Management

• Lead the identification, assessment, and mitigation of IT and technology‑related risks, including GxP, data integrity, cybersecurity, and operational risks.
• Define and maintain a risk‑based approach to IT governance aligned with applicable regulations and standards (e.g., FDA QMSR, 21 CFR Parts 11 and 820, ISO 13485, ISO 27001, Annex 11).
• Support system risk assessments for new tools, enhancements, upgrades, and decommissioning activities.
• Lead IT system and vendor risk assessments from a quality and regulatory perspective.
• Ensure risks impacting GxP compliance, data integrity (ALCOA+), and patient/product safety are properly assessed and mitigated.

Vendor and Third‑Party Compliance

• Lead vendor risk assessments, due diligence activities, and ongoing monitoring for critical and high‑risk vendors.
• Partner with InfoSec to align vendor quality risk assessments with:
  • Security risk assessments
  • Data classification and data flow analyses
• Review and assess vendor documentation, including:
  • Quality Management Systems (QMS)
  • SOC reports
  • Validation and assurance documentation
• Coordinate and participate in vendor audits, as required.

Partnership with Information Security

• Work closely with InfoSec to ensure data protection, privacy, and cybersecurity controls support regulatory requirements
• Review system architectures, data flows, and data classifications affecting regulated data

• Collaborate to ensure security controls are implemented and operated in a manner that supports regulatory compliance, audit readiness, and data integrity.
• Collaborate with Information Security to develop, maintain, and improve IT risk, vendor compliance, and third‑party governance procedures as appropriate.

Audit, Inspection, and Issue Management

• Support internal audits, regulatory inspections, and third‑party assessments related to IT systems and vendors.
• Support CAPA development and remediation activities related to IT risk or vendor findings.

Cross‑Functional Leadership and Influence

• Partner closely with IT, Quality, InfoSec, and Business teams to enable compliant technology adoption.
• Provide practical, risk‑based guidance that supports business needs while maintaining regulatory compliance.
• Communicate complex compliance and risk concepts clearly to non‑technical stakeholders.

Required Qualifications

• Bachelor’s degree in Information Technology, Computer Science, Engineering, Quality, or a related field
• 8+ years of experience in IT Quality & Compliance, IT Risk Management  or Vendor Oversight within a regulated environment (pharma, biotech, medical devices, or similar)
• Strong working knowledge of:
  • FDA QMSR / 21 CFR Part 820
  • 21 CFR Part 11
  • ISO 13485 and ISO 9001
  • Data Integrity principles (ALCOA+)
• Hands‑on experience supporting vendor‑hosted and SaaS systems in GxP contexts.
• Experience leading or supporting vendor audits.
• Familiarity with information security frameworks (e.g., ISO 27001, SOC 2).
• Experience working with cloud‑based systems and modern IT delivery models
• Demonstrated experience partnering with Information Security teams.

Preferred Qualifications

• Professional certifications (e.g., CISA, CISSP, CRISC, ASQ, ISPE) a plus.

At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.

Our Hyperlearning workplace is grounded upon four principles

• Flexible work arrangements, Free spirit, and emotional positivity
• Agile self-determination, trust, transparency, and open collaboration
• All Support needed for the realization of business goals,
• Stable employment with a great atmosphere and ethical corporate culture