Senior Manager, Privacy and Data Ethics M/F
United Kingdom - Uxbridge Legal & Compliance Regular
Job Description
At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.
Position: Senior Manager/Manager, Privacy
Specific Responsibilities and Skills
The Senior Privacy Manager/Manager is a key contributor to the global Privacy and Data Ethics team (“PDE team”) and is responsible for managing privacy compliance across a number of regions, including Europe, the United Kingdom, Canada and Australia (ACE) region. The PDE team is responsible for Gilead’s global privacy programme, including but not limited to, daily operations of the programme, implementation, maintenance of policies and procedures, monitoring programme compliance, and training.
The PDE team is a global function and provides matrixed support to corporate business lines as well as country counsel within Gilead’s affiliates.
Responsibilities include, but are not limited to:
Privacy Function
* Assist with managing the Company’s privacy programme to ensure compliance with the General Data Protection Regulation (GDPR) and other data protection and privacy laws and regulations in force in the markets in which Gilead operates.
* Serve as a resource to country counsel for privacy-related issues and escalations and help maintain a harmonized, global approach to issues.
* Assist with the creation and management of privacy notices, consents and other forms and materials.
* Serve as a resource to Gilead’s contracts group by negotiating data privacy related contract terms, including those addressing the transfer of data, in its operational agreements across a wide spectrum of vendors typical to the biopharma industry.
* Work with IT Security to manage procedures for vetting and auditing vendors for compliance with the privacy and data security policies and legal requirements.
* Assist with managing the process for addressing complaints and requests from data subjects with respect to the enforcement of their rights under applicable laws.
* Conduct data protection impact assessments (DPIAs).
* Assist with the upkeep of the Company’s data inventory and documentation.
* Managing and maintaining DPIAs, ROPA and DSRs processes and requirements in Gilead’s central privacy management system.
* Support process for receiving, documenting, investigating and reporting unauthorized access or disclosure of protected information.
* Assist with managing breach response, including notification to data subjects, law enforcement and regulators as needed.
Policies and Training
* Maintain and improve corporate privacy policies, procedures, and infrastructure.
* Assist in the development and delivery of privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations.
* Work with business teams to increase awareness of “best practices” on privacy and data security issues.
* Serve as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.
Required Experience & Qualifications
* Professional with strong privacy experience; experience in a life sciences industry preferred.
* CIPP certification (or equivalent) preferred.
* Knowledge of European privacy laws regulations and best practices.
* Proven track record of project and process development, implementation and project management.
* Results oriented, proactive, responsible and pragmatic with a passion to solve complex problems in creative, efficient and cost-effective way and to translate global compliance environments into actionable policies, processes and programs that enable business objectives.
* Proven track record of getting things done in complex organizational context, often without formal authority in a highly matrixed environment.
* Strong knowledge and interest in emerging technologies.
* Excellent communication skills and outstanding interpersonal skills.
* Ability to work independently and demonstrated experience prioritizing conflicting demands from multiple business clients in an extremely fast-paced environment.
* Strong interpersonal skills.
* Self-starter with a high level of initiative and strong work ethic.
#J-18808-Ljbffr