Manager, IT Risk and Compliance
Manager, IT Risk and Compliance
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 146540 - 189640
1 Vacancy
Job Description
At Gilead were creating a healthier world for all people. For more than 35 years weve tackled diseases such as HIV viral hepatitis COVID-19 and cancer working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the worlds biggest health challenges and our mission requires collaboration determination and a relentless drive to make a difference.
Every member of Gileads team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions and were looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future you are the key driver in evolving our culture and creating an environment where every employee feels included developed and empowered to fulfil their aspirations. Join Gilead and help create possible together.
Job Description
Gileads mission is to discover develop and deliver therapies that will improve the lives of patients with life-threatening illnesses worldwide. The Manager IT Risk and Compliance is a key member of the Security Risk Compliance (SRC) - DP team and works closely with the legal Privacy & Data Ethics (P&DE) team and other IT teams to ensure privacy program and controls are in place. They will serve as a subject matter expert on Information Security and Privacy principles; company policies and standards; and regulatory requirements as they pertain to data privacy. The person in this position will be required to understand and communicate the reporting requirements as defined by company policy and interpret and apply the concepts and requirements when processing and managing privacy and security incidents.
Key Responsibilities:
Develop / update / maintain data related privacy policies standards and documentation.
Contribute directly to the data privacy program strategy and roadmap
Be responsible for working on and leading Data Privacy related projects project tasks and deliverables
Serve as an initial point of contact & escalation for other team members operational teams & works relating to Data Privacy (i.e. PIAs / Vendor Security Assessments and contract reviews and security rider updates) and escalate when appropriate.
Provide assessor / manager related lead activities for Data Privacy Incidents (DPIs) & work collaboratively with the Cybersecurity / SOC team for interactions between DPIs and SOC Security incidents.
Lead inputs for Data Privacy related assessments providing review / approval for resultant reports.
Participate in requirements for and reviews of vendor proposals.
Support the Privacy Champions group by delivering awareness and education beyond IT to other Gilead business units.
Drive continual improvements for the creation and delivery of Data Privacy educational training and orientation programs for all employees contractors and other appropriate third parties.
Maintain current knowledge of application U.S and EU and global data protection laws and accreditation standards.
Builds and develops strategic working relationships across business groups and provide lead coverage on more complex issues.
Review system-related information security plans throughout the practice / organizations network to ensure alignment between security and privacy practices.
Provide support and conduct reviews of contracts service level and evaluation agreements.
Collaborates within various business groups to analyze and evaluate reported potential privacy incidents to determine whether a loss of sensitive data protection health information policy violation and / or cyber or other threat to the enterprise has occurred.
Analyses and identifies trends from privacy and security reportable issues.
Define and creates privacy and security reportable issues metrics and reports.
Participate in other activities relating to security and privacy incident management.
Basic Qualifications:
Bachelors Degree and Six Years Experience OR Masters Degree and Four Years Experience AND progressively responsible IT experience including experience in information security / privacy & risk management and being responsible for leading a team / service provider function.
Experience developing and implementing compliance monitoring processes and procedures.
In depth experience with formal project planning and risk assessment methodologies.
Strong knowledge of information systems security concepts and current information security / privacy trends and practices.
Knowledge of EU and global security and privacy-related regulatory requirements (i.e. U.S Privacy and Security Regulations GDPR PIPA PIPEDA etc.).
Strong business and technical skills in the planning administration and management of information systems operational and technical security controls; and security risk analysis and management.
Ability to write and communicate in proper business English (including writing our formal assessment documents) with strong verbal skills and ability to adapt information delivery based on the target audience
Preferred Qualifications:
Industry appropriate certifications beneficial (CIPP / EU and/or U.S CIPM CHP or other certified privacy or security-related credentials).
In-depth knowledge and experience of vendor / supplier-based security and privacy assessments and on-site audits.
Knowledge about medical records and other medical information patient privacy and confidentiality and release of information.
Experience in appropriately managing confidential and sensitive information.
Must be able to prepare formal reports and presentations as needed.
Must be detailed oriented and possess the ability to prioritize tasks so work is completed in an accurate timely manner.
Strong Knowledge of Security Frameworks (ISO 27001 NIST 800-53 etc.)
Self-starter with the ability to work independently lead others prioritize multi-task and maintain flexibility in fast-paced changing environment. Be proactive independent and responsive requires little supervisory attention.
Ability to confront conflict and progress difficult issues in a professional assertive and proactive manner.
Ability to build strong working relationships at all levels internal and/or external to the organization.
Prior working experience in a pharmaceutical company is strongly preferred
Highly organized results-oriented and attentive to details
People Leader Accountabilities:
Create Inclusion - knowing the business value of diverse teams modeling inclusion and embedding the value of diversity in the way they manage their teams.
Develop Talent - understand the skills experience aspirations and potential of their employees and coach them on current performance and future potential. They ensure employees are receiving the feedback and insight needed to grow develop and realize their purpose.
Empower Teams - connect the team to the organization by aligning goals purpose and organizational objectives and holding them to account. They provide the support needed to remove barriers and connect their team to the broader ecosystem.
For additional benefits information visit:
For jobs in the United States:
Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment and is dedicated to fostering an inclusive work environment comprised of diverse perspectives backgrounds and experiences. Employment decisions regarding recruitment and selection will be made without discrimination based on race color religion national origin sex age sexual orientation physical or mental disabilitygenetic information or characteristic gender identity and expression veteran status or other non-job related characteristics or other prohibited grounds specified in applicable federal state and local order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973 the Vietnam Era Veterans Readjustment Act of 1974 and Title I of the Americans with Disabilities Act of 1990 applicants who require accommodation in the job application process may contact for assistance.
For more information about equal employment opportunity protections please view theKnow Your Rights poster.
NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.
Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.
For Current Gilead Employees and Contractors:
Please apply via the Internal Career Opportunities portal in Workday.
Required Experience:
Manager
Employment Type
Full-Time
