Privacy Lead – R&D / Chief Patient Office (CPO)
GlaxoSmithKline · 2 Locations
Job description
Business Introduction At GSK, we have bold ambitions for patients, aiming to positively impact the health of 2.5 billion people by the end of the decade. Our R&D focuses on discovering and delivering vaccines and medicines, combining our understanding of the immune system with cutting-edge technology to transform people’s lives. GSK fosters a culture ambitious for patients, accountable for impact, and committed to doing the right thing, making sure that we focus our efforts on accelerating significant assets that meet patients’ needs and have the highest probability of success. We’re uniting science, technology, and talent to get ahead of disease together. Find out more: Our approach to R&D Role PurposeThe Privacy Lead will serve as a trusted privacy advisor supporting Research & Development (R&D) and the Chief Patient Office (CPO) in embedding privacy-by-design across research, clinical development, patient-focused activities, and emerging digital capabilities. Working in partnership with Legal, the Data Protection Office, Information Security, Data Governance, business process owners, and external stakeholders, the Privacy Lead will help ensure personal data is managed responsibly, ethically, and in accordance with applicable regulatory requirements. This highly collaborative role requires strong influencing skills, sound judgment, and the ability to translate privacy requirements into practical, risk-based solutions that enable scientific innovation while maintaining patient and participant trust. Key ResponsibilitiesPrivacy Leadership & AdvisorySupport the R&D and CPO privacy strategy and contribute to the continued advancement of privacy-by-design principles across research and patient-focused activities. Provide privacy guidance and subject matter expertise to cross-functional teams involved in clinical research, real-world evidence, digital health, AI-enabled initiatives, and patient engagement activities. Partner with business leaders to identify privacy considerations early in project planning and operational execution. Promote a culture of responsible data use and privacy awareness across R&D and CPO. Risk Management & GovernanceLead and manage privacy impact assessments, privacy risk assessments, and related governance activities for processes involving personal data. Maintain oversight of privacy-related data inventories and records supporting regulatory compliance. Track privacy risks, develop mitigation strategies, and support reporting to relevant governance forums. Collaborate with stakeholders to drive continuous improvement in privacy controls, practices, and processes. Compliance & Regulatory SupportAdvise teams on the lawful, ethical, and responsible use of personal data across clinical trials, observational research, real-world studies, and digital health initiatives. Support interpretation and implementation of privacy requirements under UK GDPR, EU GDPR, US Data Protect and cross boarder data transfer and other relevant global privacy frameworks. Coordinate privacy-related responses to incidents, individual right request, audits, inspections, inquiries, and regulatory requests in partnership with Legal, Security, and Privacy Office colleagues. Support governance activities associated with the use and reuse of human biological samples and other sensitive research data. Stakeholder Engagement & Capability BuildingBuild strong partnerships across R&D, CPO, Legal, Information Security, Risk, Compliance, and external partners. Develop and deliver privacy training, communications, and awareness initiatives. Influence stakeholders at all levels through clear communication and practical problem solving. Support privacy capability development across the organization through coaching, education, and knowledge sharing. Why You? Basic Qualification We are seeking professionals with the following required skills and qualifications to help us achieve our goals: Bachelor's degree in Law, Information Governance, Privacy, Computer Science, Life Sciences, or related discipline; or equivalent experience. Significant experience in privacy, data protection, information governance, compliance, or related disciplines. Experience conducting privacy impact assessments and privacy risk assessments. Working knowledge of UK GDPR, EU GDPR, , US Data Protect and cross boarder data transfer and privacy principles applicable to highly regulated environments. Experience influencing stakeholders across a complex matrix organization. Strong written, verbal, and presentation skills with the ability to explain complex concepts to non-specialist audiences. Preferred Qualification If you have the following characteristics, it would be a plus Professional privacy certification such as CIPP/E, CIPM, CIPT, or equivalent. Experience within pharmaceutical, biotechnology, healthcare, clinical research, or other regulated industries. Familiarity with global privacy regulations beyond UK/EU GDPR, US Data Protection including cross-border data transfer requirements. Experience supporting AI, advanced analytics, digital health, or innovative data-driven initiatives. Knowledge of governance processes related to clinical trials, real-world evidence, and human biological samples. Experience managing privacy incidents, individual rights requests, or regulatory interactions. Experience building communities of practice or leading cross-functional privacy initiatives without direct management responsibility. Working pattern This role is hybrid. You will be expected to work on-site in the UK office for part of the week, with flexibility agreed with your manager. How to apply We want to hear from you. Please submit your CV and a short note explaining why this role matters to you and how your experience matches the role. We welcome applicants from people with varied backgrounds and lived experiences. Apply now to join us in protecting patient privacy while advancing research. Belgium Salary Range / Fourchette salariale – Belgique: EUR 109,500 to EUR 182,500The annual gross base salary range for new hires in this position is listed above for each applicable location. These ranges take into account a number of factors including the candidate’s skills, experience, education level and the market rate for the role. In addition, this position may offer an annual bonus and eligibility to participate in our share based long term incentive program which is dependent on the level of the role. More detailed information on the total benefits package will be supplied during the recruitment process. This role is available for applicants from multiple locations, and therefore salary ranges for certain locations are also shown. Salary ranges for other locations are shown because some markets have pay transparency laws that require salary information on job postings, and those locations are potential job sites for this role. If salary ranges are not displayed in the job posting for a specific location or country, the relevant compensation will be discussed during the recruitment process. Please note salaries vary by country based on the candidate’s skills, experience, education level and the market rate for the role. Offers are typically made within the advertised range based on the candidate’s skills, experience and qualifications, with the upper end generally reserved for highly experienced candidates or other exceptional circumstances aligned with these criteria. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation
Verified and listed by ActiveJobs. Applications are made directly on GlaxoSmithKline's own career page — we never sit in the middle.