Graduate Intern - Cyber Security Compliance Analyst
- Sant Cugat del Vallès, Barcelona
- Prácticas
- Tiempo completo
Develop an agile and sustainable operating business model to deploy security concepts that enable confident healthcare decisions.
Institutionalize security role models to provide guidance, education and awareness to maximize the security of Roche Diagnostics solutions and create trust along the patients journeys.The OpportunityCoordinate and manage product security and privacy compliance activities.Author new or updated policies and procedures for internal partner and stakeholder input.Create and maintain security and privacy relevant documentation in response to legal and regulatory requirements (e.g. HIPAA, GDPR, etc.), manages the documentation and related intranet repositories.Prepare and deliver communication and training to educate Roche teams on the evolving compliance landscape and new or updated policies and related changesSupport Roche Sales, product teams and IT groups, legal and other appropriate parties to address customer questions and needs regarding Roche’s products to ensure customer confidence in data security (e.g. by reviewing contract templates and contributing with architecture specific security and privacy language, supporting completion of customers’ security questionnaires, etc.).Where observed, escalate actual or potential compliance violations or other issues to relevant colleagues or management, according to local, regional and/or global policies and procedures.Manage and performs activities related to preparation, execution and remediation of internal and external compliance auditsMaintain IT internal controls ensuring that they are designed and operating effectively to meet compliance requirements for in-scope applications.Establish and promote business compliance implementation process, and ensure the risk convergence and privacy protection technology for business scenarios;Understand cybersecurity concepts and be able to communicate it to users that do not come from a security background.Review of key processing activities, data protection impact assessments (DPIA’s), data processing agreements, data retention, data deletion approach, training records, etc.Program HighlightsIntensive 1 year intern graduate program (Contrato en practicas).Competitive salary and benefits package.Program start dates are in September.Location in Sant Cugat del Valles, On SiteAccess to training and development opportunities.Work with some of the most talented people in the biotechnology industry.Who You Are (Required)Must have graduated from a University degree program.Must have attained a Bachelor's degree.1+ years cybersecurity and/or privacy program management experience and exposure to large-scale systems in fast-paced environment.Audit and/or compliance related roles experience in multinational environments.Experience in using data and metrics to define business strategy and gain executive support for new visions.Preferable related experience in the healthcare, diagnostics, and / or pharmaceutical industry, preferred.Knowledge of HIPAA, GDPR, and other privacy relevant legislation and regulationsExcellent Verbal/Written communication & data presentation skills, proved ability to effectively communicate with both business and technical teams.Ability to work in and with globally distributed and multi-cultural teams.Best in class attitude; challenge status constructively and contribute to improvements; results oriented; ability to influence; solution oriented mindset.Required majors: Information security, computer, communication, or related field.Preferred Qualifications:Graduated from a Master's degree is a plus.Experience working in a Software Development environment.Valuable certifications: ISO 27001 Lead Auditor, CISA, CISM, CISSP, GIAC, OSCP, SSCP or equivalent certificationProven ability to influence change at all levels within an organizationExpert planner with business process definition experience and a strong IT aptitudeKnowledge of Product Development Life Cycles (PDLC)Working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to privacy, data disclosure, and cybersecurityDemonstrate data analytical skills, creativity, and experience working with attention to detailExperience maintaining open, candid, and trusting work relationshipsAbility to “Zoom Out” (see the big picture and give strategic direction) as well as to "Zoom in” (to provide more granularity when exchanging with a wide range of experts.Strong business acumen; sensitive to business needs; view change as an opportunity; eager to work in a fast-paced environment.Strong organizational skills and ability to prioritize and manage multiple projects simultaneously.This opportunity is part of the START TECH program, You can find more information about the
program at the following link:Who we areA healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.Let’s build a healthier future, together.Roche is an Equal Opportunity Employer.