Digital, AI and Privacy Legal and Compliance Manager Germany (m/f/d)

This position is part of the global Privacy, Digital and Cybersecurity team of experts in Legal and Compliance at GSK to support world-wide enterprise data ethics and privacy risk strategy. This role also supports the broader Digital, Privacy and Cybersecurity team on aspects where it leads legal and compliance advice on the Responsible AI framework at GSK, digital and cybersecurity risks.

The Digital, AI and Privacy Legal and Compliance Director provides leadership in driving local compliance activities across GSK’s business and takes responsibility for advising GSK of its obligations under local privacy, AI, digital and cybersecurity regulations and for acting as a point of contact for GSK employees, data subjects and DPAs.

As a member of the Global Digital, Privacy and Cybersecurity team this role requires strong general knowledge of data protection and privacy laws, local digital and AI regulations. The Director requires a strong focus on solving problems for the business by efficiently advising regulatory compliance issues and privacy requirements for innovative digital projects.

Responsibilities:

• Drive the deployment of the enterprise-wide data ethics and privacy compliance program in line with all GSK’s internal policies, regulations and timelines.
• Support the VP, Head of Digital, Privacy and Cybersecurity to deploy the DPC strategy by working with the local Legal and Compliance teams to ensure a consistent global approach of digital and privacy strategy, while taking into account the complex global legal landscape of digital, privacy and cyber laws.
• Support global initiatives led by the VP, Head of Digital, Privacy and Cybersecurity and the AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer.
• Partner with Compliance Officers to report on progress and gaps to the Risk Management Compliance Boards.
• Partner with Local Legal teams to lead interpretation of local privacy, AI, digital and cybersecurity regulations.
• Support global review of GSK written standards including the privacy policy, standards, tools and standard operating procedures, including leading on any country-specific content and requirements that need to be addresses for local deployment of the privacy operating model.
• Review the role-based target audience for training.
• Manage local process owners and third-party managers in the principles of privacy by design and perform privacy impact assessments.
• Support the closure of local Corrective and Preventative Actions.
• Consult, seek advice, and provide support to the AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer.
• Respond to inquiries and complaints from data subjects.
• Support AGC, Global Data Ethics and Privacy Lead, EU Data Protection Officer to notify the Data Privacy Authority of breaches within applicable timeframes.
• Review changes to local privacy laws together with the legal counsel and support local corrective and preventative action plan remediations.
• Educate others on country-specific privacy risks.
• Share and gather good practices from your country with the broader Digital, Privacy and Cybersecurity team.
• Oversee GSK’s compliance with the enforcement of individual rights under local data protection and privacy laws.
• Stay current on emerging technologies, new and proposed laws, and other developments, as well as best practices and trends in the digital and privacy space, and act on opportunities to shape the external environment.
• Play a key role in contributing to creation and management of digital and privacy templates, training and education programs and DPC “Cheat Sheets”.
• Contribute to shaping the future strategy of the Digital, Privacy and Cybersecurity team in line with the global business approach to its digital transformation and focus on putting digital innovation at the heart of its business

Why you?

Basic Qualifications:

We are looking for professionals with these required skills to achieve our goals:

This is a broad role requiring significant analytical and problem-solving acumen. A high level of expertise is required to be prepared to advise real-time on digital and privacy initiatives for GSK.

• Master’s degree or Law degree plus significant years post-qualification experience in the areas below.
• Privacy CIPP or similar qualification.
• Highly proficient with data privacy laws and regulations, plus relevant work experience in managing data privacy matters, GDPR, e-Privacy Directive and other global privacy and data regulatory frameworks;
• Digital advertising standards and requirements in Europe

Preferred Qualifications:

If you have the following characteristics, it would be a plus:

• Motivated self-starter with ability to excel at multi-tasking in a fast-paced environment.
• Superior time management, planning, and organizational skills.
• Strong analytic capabilities, written and oral communication skills.
• Exceptional interpersonal skills with proven experience in relationship building and partnering.
• Must work well in both team and individual settings.

#LI-GSK

Why GSK?

Uniting science, technology and talent to get ahead of disease together.

GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases – to impact health at scale.

People and patients around the world count on the medicines and vaccines we make, so we’re committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people.

Should you require any adjustments to our process to assist you in demonstrating your strengths and capabilities contact us at DE.Contact-Recruitment@gsk.com where you can also request a call.

Please note should your inquiry not relate to adjustments, we will not be able to support you through these channels. However, we have created a Recruitment FAQ guide. Click the link where you will find answers to multiple questions we receive.

GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to ethnicity, colour, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at https://openpaymentsdata.cms.gov/