Immunocore is a leading T Cell Receptor (TCR) biotechnology company focused on delivering first-in-class biological therapies that have the potential to transform the lives of people with serious diseases.
This is a new opportunity that is critical to support Immunocore's move towards commercialisation of its product pipeline. You will be reporting to the IT Compliance Manager and you will be responsible for ensuring the integrity of Immunocore data through process and organisational controls. These include Information Security & Privacy policies, procedures, requirements of 3rd parties and ensuring Information Security is embedded into processes.
A key objective of the role will be to ensure that the data in our Scientific Research and Clinical Trials is protected to ensure it is accurate, legible and contemporaneous (ALCOA), as required by various regulations.
You will be:
- Responsible for maintaining and improving Immunocore's Information Security & Privacy management program, devising and updating policies and procedures for customers, employees and data breach incident responses, and ensuring their implementation.
- Working with procurement, vendor management and the legal department to ensure that third-party suppliers' contracts and operating-level agreements meet international information security and privacy requirements.
- Managing the privacy impact assessment process, in close collaboration with the change management processes and business stakeholders.
- Responsible for continuously monitoring the status and effectiveness of privacy controls across service offerings, ensuring that the IT risk log and leading key risk indicators are effectively monitored to prevent an unacceptable impact on business objectives and reputation.
Experience & knowledge
- Proven experience in privacy, data protection, Information Security, risk management, auditing and/or compliance, preferably in the life sciences or pharmaceutical industry.
- Experience working in a heavily regulated and/or audited environment.
- Knowledge of US, EU and international privacy laws, regulations and industry best practices.
- Knowledge of laws and regulations, such as: HIPAA; FDA Title 21 CFR; U.S. (state) breach notification laws; GDPR; EMA Annex 11; SOX; and GXP.
Education & qualifications
A bachelor's degree or higher in business administration, law, finance, accounting, computer science or a related discipline, or a recognised industry-standard privacy qualification, is required.