Job Description

Uniting science, technology, and talent to get ahead of disease together

GSK is a global biopharma company with a special purpose \xe2\x80\x93 to unite science, technology and talent to get ahead of disease together \xe2\x80\x93 so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns \xe2\x80\x93 as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to impact the health of 2.5 billion people around the world in the next 10 years.

Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it\xe2\x80\x99s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves \xe2\x80\x93 feeling welcome, valued and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.

We have a fantastic opportunity for a Manager of Global HR Digital, Privacy and Cyber (DPC) Security to join the international specialist HR DPC team. This role will be based in the GCC and will report to the Global Director of HR Digital, Privacy and Cyber Security.

Job Purpose

The purpose of the role is to assist in the execution of an effective DPC management culture across all the HR Function globally building the capabilities for values-based decision making and to ensure that HR global teams deliver their strategies and objectives with appropriate tools and knowledge to manage related risks as they arise. Additionally, this job will support and improve the internal ways of working to ensure best in class work processes and reporting.

Strategic Scope

You will be an active participant in the GSK HR data privacy governance and ensure appropriate privacy controls are in place.

You will actively monitor HR activities to ensure the protection of all employee data across the HR function, driving best in class programmes to ensure global compliance with GSK legislative and regulatory responsibilities.

You will use agile methodologies to make available appropriate tools and technologies to help HR achieve HR privacy compliance in the most effective and efficient ways while ensure compliance to GSK privacy principles as well as local legal and regulatory requirements.

You will support the HR DPC team in quality reporting and governance.

These responsibilities will include but are not limited to:

Assist in Strategy Development, Governance and Oversight

• Support the establishment of the global strategy for digital, privacy and cyber governance requirements as they relate to GSK for all HR employee data.
• Implement workable global operational guidelines to ensure the effective governance and security of HR data.
• Actively participate in and drive the privacy governance framework
• Develop, implement, and produce improved updates for the HR Risk Management and Compliance Board including the development of KRI\xe2\x80\x99s that will drive process change and accountability
• In collaboration with the Global Director of DPC prepare reporting as needed to HR and wider leadership (ARC, ROCC, RMCB, PGB, etc).
• Assist in the mapping of key business stakeholders for privacy, digital and cyber security risk and develop an annual communication and engagement plan.
• Collaborate with the central DPC Legal team to interpret and implement a devolved operating model across HR.

Improve Ways of Working

• Work closely with the Global DPC (Legal) to ensure the roll out of new privacy tools and technologies incorporate HR requirements.
• Adopt and/ or adapt risk-based tools and technologies that can support effective ways of working.
• Develop agile ways of working to ensure all data privacy and cyber security matters are appropriately triaged by the HR DPC team.
• Drive continuous improvement through advocating new business process, automation and an agile methodology
• Develop an effective way to track HR DPC activities including a 12 month look ahead to support the Global Director of DPC in proper resource planning and budgeting.
• Create standardised global processes where appropriate
• Leverage the use of data and analytics tools to improve reporting across the HR function and raise awareness to drive actions to mitigate privacy and cyber security risk.

Subject Matter Expert

• Have a good understanding of all HR data privacy and cyber security requirements and to ask the right questions when in doubt.
• Have confidence to engage with business owners at all levels across the function to proactively identify and provide guidance on the privacy requirements of key projects ensuring their timely delivery.
• Understand and prepare HR for the evolving aspects of technology such as BOTS, AI and Machine Learning on data privacy and the related ethical considerations.
• Understand the importance of risk tolerance and support the discussions as they apply to HR privacy and cyber security.
• Provide privacy support on HR projects and/or processes.

Licence to Operate

• Understand HR\xe2\x80\x99s key Licence to Operate, Compliance & Governance requirements.
• Support the roll out of training and resources across the HR function to create a robust culture of ongoing education, raised awareness and accountability of DPC risk.
• Ensuring that GSK\xe2\x80\x99s IT systems and procedures comply with all relevant data privacy and protection law, regulation, and policy including in relation to the retention and destruction of data.

Why you?

Qualifications:

• Bachelor\xe2\x80\x99s degree or equivalent experience (required).
• Data protection experience (required)
• Agile practitioner (preferred).

Work Experience:

• Basic knowledge of European and UK data privacy and data protection regulation.
• Overall 15+ years out of which 3-5 years\xe2\x80\x99 experience within a compliance, legal, audit and/or risk function.
• Ability to work effectively and sensitively in a highly matrixed organisation across geographies and cultures.
• Proven experience in process improvement at pace.
• Current knowledge of information technology and data management systems required to control data privacy and cyber security risk.
• Well-developed and professional interpersonal skills; ability to interact effectively with people at all levels of the organisation and externally.
• Excellent written and verbal communication skills including the ability to communicate risk management concepts to both technical and non-technical audiences, including CET members
• Strong change and project management skills, including the ability to manage time well, prioritise effectively and handle multiple deadlines.
• Ability to undertake large, long-term projects, develop alternative methods to complete them and implement solutions. Knowledge of Agile methodology preferred.
• Ability to use sound judgement when making majority of decisions.
• Strong problem-solving skills that are pragmatic and which demonstrates understanding of the business.

At GSK we value diversity (Gender, LGBTQ +, PwD etc.) and treat all candidates equally. We aim to create an inclusive workplace where all employees feel engaged, supportive of one another, and know their work makes an important contribution.

#LI-GSK

GSK is a global biopharma company with a special purpose \xe2\x80\x93 to unite science, technology and talent to get ahead of disease together \xe2\x80\x93 so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns \xe2\x80\x93 as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to positively impact the health of 2.5 billion people by the end of 2030.

Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it\xe2\x80\x99s also about making GSK a place where people can thrive. We want GSK to be a workplace where everyone can feel a sense of belonging and thrive as set out in our Equal and Inclusive Treatment of Employees policy. We\xe2\x80\x99re committed to being more proactive at all levels so that our workforce reflects the communities we work and hire in, and our GSK leadership reflects our GSK workforce.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK\'s commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.

GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.

If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in \xe2\x80\x9cgsk.com\xe2\x80\x9d, you should disregard the same and inform us by emailing askus@gsk.com, so that we can confirm to you if the job is genuine.

GlaxoSmithKline