IT Security Manager

España, Cataluña, Barcelona

The R&D & Digital department’s goal is to build the world's leading digital ecosystems for diabetes management that enable the connection of the various stakeholders, including physicians, clinics, nurses, payers and patients.

The BU will be shaping the digitalization of Diabetes Care unit, offering to specific customer segments solutions and products to better manage diabetes.

Job Purpose:

- To ensure adherence to privacy / security standards for Roche Diabetes Care’s IT solution portfolio and IT landscape.

- Translates legal requirements into workable security solutions that are in line with advice rendered by Legal Department.

- Support the in-country businesses to develop, revise, refine and implement policies, processes, and technical controls to support the data security and privacy strategy that ensures compliance with applicable data privacy laws around the globe.

- Ensure that the Roche Diabetes Care IT department are fully compliant with GDPR

- Liaises with Legal counsel and advises the Group’s IT department in relation to IT and data security issues. Raises awareness of security in-country, and ensures that management and third party data processors are informed of their obligations pursuant to the local laws.

- Maintains documentation on training provided to employees, advice given to management, and the outcome and subsequent actions relating to audits and assessments.

- Coordinate and report on the remediation progress of all Data Security compliance findings.

Description

- Responsible for ensuring adherence to privacy / security standards for Roche Diabetes Care’s IT solution portfolio and IT landscape.

- Leads and assists with activities to assess security and privacy risks,  define mitigations, ensure execution in order to fulfill objectives in accordance with business strategy.

- Liaises with Legal counsel in relation to IT and data security issues

- Liaises with Roche Group IT Security & Privacy Governance to align processes and fulfillment of IT Security assessments.

- Maintain working knowledge and understanding of privacy laws and guidelines

- Translates legal requirements into workable security solutions.

- Develops, revises and implements policies, processes and technical controls to support the data security and privacy strategy.

- Manages a team of consultants  to fulfill the above-descripted missions