Privacy & Compliance Expert

hace 4 meses

Sant Cugat del Vallès, España Roche A tiempo completo

The Position

The team:

We are the global product security and privacy center of Roche Diagnostics worldwide. Our vision: 

To build a solid Global Product Security and Privacy Operations function, provide strategic security insight across Roche Diagnostics to ensure our devices are what our regulators require and our patients deserve.

Our priorities: 

Understanding our customers and Stakeholder needs to deliver effective security on testing solutions

Develop an agile and sustainable operating business model to deploy security concepts that enable confident healthcare decisions. 

Institutionalize security role models to provide guidance, education and awareness to maximize the security of Roche Diagnostics solutions and create trust along the patients journeys

Data security and privacy are key success factors in our digital transformation and essential to reach our ambitions. You are inspired to contribute to the overall Roche Diagnostics vision by applying end-to-end Division-wide product security and privacy operations to keep our products and services secure and privacy compliant throughout the entire lifecycle. You believe in the potential of science, technology, data and insights to improve the standard of care for humankind and you are eager to help navigate through unchartered territory to lift this potential. 

The Position:

The Privacy & Compliance Expert will: 

Manage ongoing security & privacy compliance audits, and certification programs.

Establish and promote business compliance implementation process, and ensure the risk convergence and privacy protection technology for business scenarios;

Support legal and technology teams in drafting privacy-related policies, standards, guidelines, and processes.

Promote privacy program implemented in all business areas, including medical devices and cloud solutions

Promote the development and utilization of privacy protection and automation tools.

Communicate and evangelize the importance of security & privacy and support Roche and Roche leadership to expand our influence in industry on security & privacy topics.

Maintaining Information Security program and compliance focusing in privacy related topics

Help to create a knowledge base of likely inspection behavior of the privacy regulators Germany, Spain, France, US, China), including ongoing analysis of reported inspections, published material, etc. Audit SOP of the CNIL, survey activities of the German DPAs)

Define and maintain the internal key processing activities related to Privacy Governance, including but not limited to: data protection impact assessments (DPIA’s), data processing agreements, data retention, data deletion approach, training records, etc.

Spot-check reviews of contracts and security and privacy controls listed in DPIAs.

Prepare privacy certifications (by role playing certification body).

Manage the Privacy and Information Security Management System (PIMS).

Minimum Qualifications:

Bachelor degree in a field with a strong emphasis on information security, computer, communication, or related majors, master degree as a plus.

6+ years cybersecurity and/or privacy program management experience and exposure to large-scale systems in fast-paced environment.

Audit and/or compliance related roles experience in multinational environments.

Experience in using data and metrics to define business strategy and gain executive support for new visions.

Strong understanding of software engineering project management.

Familiar with key laws and regulations in privacy, such as GDPR, CCPA, COPPA, etc.

Superior Verbal/Written communication & data presentation skills, proved ability to effectively communicate with both business and technical teams.

Demonstrated track record of cultivating strong working relationships and collaborating across multiple teams.

Ability to thrive in a fast-paced, startup-like, agile development environment.

Preferred Qualifications:

Experience working in a Software Development environment.

Proven ability to influence change at all levels within an organization

Expert planner with business process definition experience and a strong IT aptitude

Knowledge of Product Development Life Cycles (PDLC)

Industry certifications relating to security, privacy, and risk management, such as CIPP, CIPM, CIPT or Information security certifications such as CISM, CISSP, CISA, and CRISC

Working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to privacy, data disclosure, and cybersecurity

Demonstrate data analytical skills, creativity, and experience working with attention to detail

Experience maintaining open, candid, and trusting work relationships

Ability to “Zoom Out” (see the big picture and give strategic direction) as well as to “Zoom in” (to provide more granularity when exchanging with a wide range of experts.

Strong business acumen; sensitive to business needs; view change as an opportunity; eager to work in a fast-paced environment.

Best in class attitude; challenge status constructively and contribute to improvements; results oriented; ability to influence; solution oriented mindset.

Strong organizational skills and ability to prioritize and manage multiple projects simultaneously.

Apply if you are:

Self-organized and an owner ; since we have flexible remote working we believe in trust and individual accountability for getting things done A team player , who listens to your colleagues and, at the same time, you are not afraid to be assertive when needed A proactive person who is comfortable speaking up constructively. Able to handle uncertainty Looking for a purpose where your work will have a real impact on patient lives. Your work is meaningful to you Passionate and naturally curious Looking for solving real-world problems and proposing actual plans Not afraid to fail and learn.

Location:

We offer a hybrid model with a lot of flexibility between the Sant Cugat office and the home office.

What else:

This role offers a competitive salary, plus an excellent benefits package that includes (among others):

Fascinating opportunities for your professional growth Additional holidays per labor agreement Wide range of options and platforms for learning and development Agile and flexible working policy, working from home An exceptional and modern office space (canteen, parking,... and free coffee) Private medical insurance Pension plan Life insurance Roche stock options

At Roche, diversity and inclusion are essential values for our success. We have a special interest in integrating people with disabilities into our teams. If you have a disability, for us it is a plus, and we have special benefits for you: Go ahead and join us

  • Privacy and Compliance Expert

    hace 7 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleThe Privacy and Compliance Expert will play a critical role in ensuring the global product security and privacy operations of Roche Diagnostics are aligned with regulatory requirements and industry best practices.Key ResponsibilitiesManage ongoing security and privacy compliance audits and certification programs to ensure Roche Diagnostics...

  • Privacy and Compliance Expert

    hace 7 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleThe Privacy and Compliance Expert will play a critical role in ensuring the global product security and privacy operations of Roche Diagnostics are aligned with regulatory requirements and industry best practices.Key ResponsibilitiesManage ongoing security and privacy compliance audits and certification programs to ensure Roche Diagnostics...

  • Privacy Architect

    hace 2 días

    Sant Cugat, Barcelona, España Hewlett-Packard A tiempo completo

    Job Title: Privacy by Design ArchitectHewlett-Packard is seeking an experienced Privacy by Design Architect to advise business teams on implementing effective privacy practices and ensuring compliance with regulatory requirements.Key Responsibilities:Manage interactions with HP's Privacy office and Information Governance Board to ensure compliance with...

  • Privacy Architect

    hace 2 días

    Sant Cugat, Barcelona, España Hewlett-Packard A tiempo completo

    Job Title: Privacy by Design ArchitectHewlett-Packard is seeking an experienced Privacy by Design Architect to advise business teams on implementing effective privacy practices and ensuring compliance with regulatory requirements.Key Responsibilities:Manage interactions with HP's Privacy office and Information Governance Board to ensure compliance with...

  • Privacy By Design Architect

    hace 2 semanas

    08174 Sant Cugat del Vallès, Barcelona provincia, España Hewlett Packard A tiempo completo

    HP is continuously looking to improve the way our customers experience and use our products and services and the way HP is engaging with them. We are seeking an experienced and innovative Privacy by Design Architect to advise business teams across multiple geographies and businesses on implementing effective privacy practices by supporting solution design...

  • Privacy by Design Strategist

    hace 7 días

    Sant Cugat, Barcelona, España Hewlett Packard A tiempo completo

    About the RoleHewlett Packard is seeking a highly skilled and experienced Privacy by Design Architect to join our team. As a key member of our organization, you will play a critical role in advising business teams across multiple geographies and businesses on implementing effective privacy practices.Key ResponsibilitiesAlign Privacy by Design Principles:...

  • Privacy by Design Strategist

    hace 7 días

    Sant Cugat, Barcelona, España Hewlett Packard A tiempo completo

    About the RoleHewlett Packard is seeking a highly skilled and experienced Privacy by Design Architect to join our team. As a key member of our organization, you will play a critical role in advising business teams across multiple geographies and businesses on implementing effective privacy practices.Key ResponsibilitiesAlign Privacy by Design Principles:...

  • Security and Compliance Program Specialist

    hace 6 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleRoche is a global leader in the healthcare industry, and we're committed to fostering a culture of diversity, equity, and inclusion. As a Security and Compliance Program Specialist, you'll play a critical role in ensuring the security and integrity of our products and services.Key ResponsibilitiesProduct Security and Privacy Governance: Support...

  • Security and Compliance Program Specialist

    hace 6 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleRoche is a global leader in the healthcare industry, and we're committed to fostering a culture of diversity, equity, and inclusion. As a Security and Compliance Program Specialist, you'll play a critical role in ensuring the security and integrity of our products and services.Key ResponsibilitiesProduct Security and Privacy Governance: Support...

  • Cybersecurity Expert

    hace 33 minutos

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Expert to join our team at Roche Diagnostics. As a key member of our security operations team, you will be responsible for defining and implementing security and privacy controls to protect our products and services.Key ResponsibilitiesDevelop and maintain security and privacy requirements for Roche...

  • Cyber Security Architect

    hace 1 semana

    Sant Cugat, Barcelona, España F. Hoffmann-La Roche Gruppe A tiempo completo

    About the RoleWe are seeking a highly skilled Cyber Security Architect to join our team at F. Hoffmann-La Roche Gruppe. As a Cyber Security Architect, you will play a critical role in ensuring the security and privacy of our healthcare devices and services.Key ResponsibilitiesDevelop and implement secure product development value chains for healthcare...

  • Cybersecurity Risk Management Specialist

    hace 6 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at Roche. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key Responsibilities:Conduct comprehensive risk assessments to identify and analyze potential risks...

  • Cybersecurity Risk Management Specialist

    hace 6 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at Roche. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key Responsibilities:Conduct comprehensive risk assessments to identify and analyze potential risks...

  • Cybersecurity Risk Management Specialist

    hace 7 días

    Sant Cugat, Barcelona, España F. Hoffmann-La Roche Gruppe A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at F. Hoffmann-La Roche Gruppe. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key ResponsibilitiesConduct thorough risk assessments by analyzing current risks...

  • Cybersecurity Risk Management Specialist

    hace 7 días

    Sant Cugat, Barcelona, España F. Hoffmann-La Roche Gruppe A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at F. Hoffmann-La Roche Gruppe. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key ResponsibilitiesConduct thorough risk assessments by analyzing current risks...

  • Cybersecurity Risk Management Specialist

    hace 1 semana

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleAt Roche, we are passionate about transforming patients' lives and we are fearless in both decision and action - we believe that good business means a better world. That is why we come to work each day. We commit ourselves to scientific rigor, unassailable ethics, and access to medical innovations for all. We do this today to build a better...

  • Cybersecurity Risk Management Specialist

    hace 1 semana

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleAt Roche, we are passionate about transforming patients' lives and we are fearless in both decision and action - we believe that good business means a better world. That is why we come to work each day. We commit ourselves to scientific rigor, unassailable ethics, and access to medical innovations for all. We do this today to build a better...

  • Cybersecurity Risk Management Specialist

    hace 2 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at Roche. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key ResponsibilitiesConduct risk assessments by analyzing current risks and identifying potential risks...

  • Cybersecurity Risk Management Specialist

    hace 3 días

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Risk Program Manager to join our team at Roche. As a key member of our organization, you will be responsible for driving the design, building, and execution of a risk management governance program.Key ResponsibilitiesConduct risk assessments by analyzing current risks and identifying potential risks...

  • Cyber Security Architect

    hace 1 semana

    Sant Cugat, Barcelona, España Roche A tiempo completo

    About the RoleWe are seeking a highly skilled Cyber Security Architect to join our team at Roche. As a Cyber Security Architect, you will play a critical role in ensuring the security and privacy of our healthcare devices and services.Key ResponsibilitiesDefine security viewpoints for target solution architectures and implementation roadmaps of Roche's...