We are the global leader in DNA sequencing and array-based technologies improving human health. At Illumina, you can expect to lead change, move fast, and make an impact. Join the journey.
The candidate’s preferred location will be within a commutable distance to our San Diego, CA location. Illumina offers hybrid and remote work arrangements.
Illumina is looking to recruit an experienced Data Protection Officer (DPO) / Privacy Counsel (PC) to provide legal guidance, strategic insights and practical experience to support Illumina’s compliance with global privacy and data protection laws and regulations, and to provide counsel for privacy and data-related client and contractual issues and complex data use issues under HIPAA, GDPR and other privacy regulations. The DPO/PC will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the applicable global privacy and data privacy laws and regulations. The DPO/PC will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the organization. The DPO/PC will also assist with a variety of data protection matters arising in a multi-national business environment. The successful candidate is an experienced privacy professional with a proven track record in collaboratively and pragmatically directing privacy and data protection needs and issues for a multi-national company. The DPO/PC has experience in presenting to senior executives and/or outside directors, is a self-starter who successfully works in “virtual” teams and cross-functional working groups and works effectively with Regulators. The DPO/PC is expected to build effective relationships with business unit leaders and other clients, and to partner with Illumina’s global Legal, Compliance and Information Security functions.
Essential Duties and Responsibilities:
In this role, you will work closely with the Legal, Compliance and Information Security functions to develop and monitor policies and procedures applicable to the business and in compliance with global privacy and data privacy laws and regulations. Duties will include:
- Implementing measures and a privacy governance framework to manage data use in compliance with the GDPR and other applicable privacy regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
- Working with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
- Serving as the primary point of contact and liaison for the Lead Supervisory Authority and other EEA Data Protection Authorities on all data protection related matters under the GDPR.
- Serving as the primary point of contact for privacy-related queries in the business.
- Managing and conducting ongoing reviews of Illumina’s privacy governance framework.
- Assist in driving cross-functional organizational education of privacy awareness and proactive risk identification and assessment related to privacy as well as other enterprise-wide risk.
- Setting standards and reviewing policies and procedures globally that meet the requirements under the GDPR and any localization requirements in countries of operation.
- Coordinating and conducting data privacy audits.
- Collaborating with the Information Security function(s) to maintain records of all data assets and exports and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs).
- Counsel and collaborate with multiple internal clients across Illumina and, where necessary, outside counsel to advise on applicable data privacy law issues.
- Provide counsel related to advanced and cutting-edge data use as well as data mapping, classification, and related data management and governance.
- Collaborate with Illumina’s IT, products and software teams to ensure all systems and procedures comply with all relevant data privacy law, regulation and policy, including in relation to the retention and destruction of data.
- Draft, negotiate, and interpret privacy, security and data use and protection terms in contracts and disclosures, including Data Protection Addendum and Intra Company Agreements, consistent with Illumina’s strategy and goals.
- Assist in maintaining onward data transfer mechanisms such as Privacy Shield, Standard Contractual Clauses and other applicable mechanisms.
- Review issues related to Incident Response, customer security questionnaires and security certifications.
- Develop and review Data Protection Impact Assessments (DPIAs) and other internal privacy and data security assessments.
- Review issues related to local marketing and data analytics initiatives.
- Collaborate with other attorneys in the Legal Department as a leader and subject matter expert.
- Stay abreast of, and communicate clearly to non-lawyers, changes to or developments in privacy and data protection laws and regulations and their impact on business operations.
- Promoting effective work practices, working as a team member, and showing respect for co-workers.
- Law degree from an ABA accredited law school with exceptional academic credentials and a member of a state bar in good standing required
- Hold at least one Data Protection and/or Privacy certification such as, CIPP, CIPT, ISEB, etc., (preferred)
- 10+ years PQE experience required
- Experience with US and EU data privacy laws
- 7+ years’ experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance. Global privacy experience in a multi-national company (medical device, pharmaceutical, or healthcare preferred) or a global law firm
- Experience in developing policy and compliance training
- Experience working in a regulated industry
Knowledge, Skills, and Abilities
- Strong knowledge of the GDPR, CCPA and a good understanding of other major privacy frameworks and evolving legislation, security laws, rules and regulations worldwide, as well as industry leading-practices and standards
- Knowledge of information technology and data management systems
- Well-developed and professional interpersonal skills; ability to interact effectively with people at all organizational levels of the company
- Experience of working in a large, global organization
- Ability to work unsupervised, exercise leadership, and influence change
- Excellent writing and presentation skills
- Strong change and project management skills, including the ability to manage time well, prioritize effectively, and handle multiple deadlines
- Ability to undertake large, long-term projects, develop alternative methods to complete them, and implement solutions
- Ability to use independent judgment and discretion when making decisions
- Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues
- Ability to handle confidential and sensitive information with the appropriate discretion
- Knowledge of PC applications, including MS Office
- Some domestic and international travel will be required
The statements contained in this position description are not necessarily all-inclusive; additional duties may be assigned, and requirements may vary from time to time.
Concerns regarding COVID-19 continue as positive cases are experienced in the communities in which we operate. Please be aware that, as a condition of employment, Illumina may require proof of COVID vaccination in accordance with local statutory requirements (subject to limited exceptions) beginning November 1, 2021.
At Illumina, we strive to foster a diverse and inclusive workplace by cultivating an environment in which everyone contributes to our mission. Built on a strong foundation, Illumina has always been rooted in openness, collaboration, and seeking alternative views and perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay, regardless of gender, ethnicity, or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences, increase cultural awareness, and demonstrate our collective commitment to diversity and inclusion in the communities we live and work. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. If you require accommodation to complete the application or interview process, please contact firstname.lastname@example.org. To learn more, visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf