Sr. Manager, IT Data Protection and Compliance
When you’re part of the team at Thermo Fisher Scientific, you’ll do important work, like helping customers find cures for cancer, protecting the environment or making sure our food is safe. Your work will have real-world impact, and you’ll be supported in achieving your career goals.
- Develop, initiate, maintain, and revise policies, standards, procedures, work instructions, and guidelines for all security programs and related activities.
- Drive implementation of security policies, procedures, and technologies across the organization.
- Work closely with legal to understand and ensure that the proper security controls are in place to protect sensitive data of our company, employees, and customers within the laws and regulations around the world.
- Work with teams to ensure the concept of security by design and privacy by design is embedded within solutions at the onset of their development.
- Conduct regular assessments to identify sensitive data at risk and provide strategic thought leadership on how to implement technologies and processes to aid in data protection.
- Investigate and implement technologies that will protect sensitive data while in transit and at rest within and outside of the corporate boundaries (i.e. IaaS, PaaS, and SaaS).
- Embed privacy impact assessment process into risk assessment processes to ensure data privacy requirements are integrated into all new and existing programs.
- Partner with the security awareness program to effectively communicate new policies, procedures, and programs.
- Collaborate with other departments outside of IT (e.g., Risk Management, Internal Audit, HR, Legal, etc.) to direct policy and regulatory issues to appropriate channels for investigation and resolution.
- Consult with corporate counsel as needed to resolve legal issues related to regulations and standards.
- Provide training and awareness on company policies across the organization.
- Perform other duties as assigned.
- 8+ years’ experience in information technology, compliance, legal, data protection/privacy, and/or information security.
- Bachelor’s Degree in Law, Information Security, Cybersecurity, Information Assurance, Risk Management, or equivalent work experience.
- Strong interpersonal, organizational, and excellent documentation skills are a must
- Ability to explain and champion technical concepts to a broad audience focusing on business acumen.
- Excellent customer service skills required
- Strong analytical and product management skills required, including a thorough understanding of how to interpret customer business needs and translate them into application and operational requirements
- Comprehensive knowledge of and proven ability in the following:
- Strong knowledge of data protection, risk analysis and information security
- Knowledge of data privacy and security requirements under EU Data Protection Directive, PCI, GLB, HIPAA, FDA and internal legislation when appropriate for business (Canada Personal Information Act, etc.).
- Relevant certificates such as CISSP, CISA, CISM and Privacy certifications such as ISO 27002 and 27018 are recommended
Non-Negotiable Hiring Criteria:
- Strong attention to detail, organizational skills, time management
- Excellent verbal and written communication skills
- The ability to interact professionally with a diverse group: executives, managers, and subject matter experts
At Thermo Fisher Scientific, each one of our 50,000 extraordinary minds has a unique story to tell. Join us and contribute to our singular mission—enabling our customers to make the world healthier, cleaner and safer. Apply today http://jobs.thermofisher.com
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.