Data Security & Privacy Lead
5 days ago
Madrid
ppAt Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. /p h3Position /h3 pAt Roche, we thrive to deliver more benefits to our patients as part of our 10‑year Pharma vision. An integral part of achieving this vision is to deliver new and innovative data analytics solutions to our scientists across Pharma Technical Operations (PT). To do so, we have formed a new organization called PT Digital and Operational Excellence (PTE) with the aspiration to digitally transform and become a lean organization. PTE catalyzes the global development and execution of PT’s Digital and Operational Excellence strategy to enable PT to realize our performance promises. We build a strong cross‑functional and inclusive community, put the power of data into the hands of our people, further develop Lean and Digital skills across PT, and scale up our Digital and Advanced Analytics solutions, for the benefit of our colleagues and patients. /p h3Opportunity: Data Security Privacy Lead /h3 pAs our Data Security Privacy Lead, your main responsibilities will be divided into four core pillars: /p pbSecurity Privacy Policy Definition and Implementation /b /p ul liWork closely with relevant Roche IT, legal, and regulatory functions to define policies for data acquisition, storage, usage, and deletion to ensure security and privacy across the data lifecycle. /li liPartner with System Owners, Data Owners, and IT to ensure security and privacy policies are relevant and applied adequately to existing systems across PT. /li liConduct impact assessments and define implementation strategies for new and updated policies, working closely with business partners to effectively and consistently implement policy. /li /ul pbSecurity Privacy Compliance /b /p ul liCollaborate with business domains to effectively monitor privacy and security compliance across multiple systems and platforms. /li liSupport business domains to appropriately respond to data subject requests and regulatory requirements in a compliant and timely manner. /li liEnsure PT data adheres to regulatory requirements and global data protection laws and regulations (e.g., GDPR, DPA). /li liCoordinate architectural design decisions affecting security and privacy by design principles throughout the solution development lifecycle. /li /ul pbAdvisory Advocacy /b /p ul liAct as the primary point of contact and provide expertise for staff regarding data privacy and protection obligations, including information governance activities and information security. /li liContinuously train, upskill, and raise awareness for privacy and security maturity in PT. Lead policy‑specific awareness activities, working with the Data Culture Lead where relevant to ensure PT‑wide understanding and effective adoption. /li /ul pbRisk Monitoring Escalation /b /p ul liConduct regular risk assessments and security audits, scoping and suggesting mitigations to ensure data security and privacy practices are adhered to, and the risk of future incidents is reduced. /li liLeverage comprehensive knowledge of Roche escalation pathways and risk mitigation to elevate emerging issues based on impact assessment—taking targeted action to mitigate risks to patient safety and regulatory non‑compliance. /li /ul h3Qualifications /h3 pWho You Are: /p ul liDynamic, structured, and collaborative professional who thrives in environments undergoing digital evolution. /li liStrong analytical skills, an eye for detail, and the ability to influence and manage relationships effectively across a global matrix organization. /li /ul pTo be successful in this role, you should bring: /p ul liExperience: Minimum of 5+ years of experience in data security, governance, and privacy management, preferably within the life sciences or healthcare industry. /li liEducation: Bachelor’s or Master’s degree in Information Security, Cyber Security, Computer Science, or a related field. /li liTechnical Expertise: ul liFamiliarity with data protection frameworks, audits, and compliance processes. /li liProven experience with data security, governance, and privacy tools/technologies (e.g., DLP, Cloud Platforms like GCP, AWS, Azure, and IT/OT data repositories such as Snowflake or Data Historians). /li liSolid experience working with DSARs, DPIAs, audits, RoPA, and managing data breaches. /li /ul /li liCore Skills: Strong communication skills with the ability to clearly articulate complex technical issues to non‑technical stakeholders. Proven capability to analyze risks, provide strategic guidance, and resolve issues effectively. /li /ul pWho we are /p pA healthier future drives us to innovate. Together, more than 100,000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life‑changing healthcare solutions that make a global impact. /p pLet’s build a healthier future, together. /p pbRoche is an Equal Opportunity Employer. /b /p /p #J-18808-Ljbffr