Key Responsibilities:

• Owns and maintains the "US Bulk Data Guideline" and associated documentation, conducting regular assessments with Legal, Data Privacy, and other stakeholders to ensure continued adequacy.

• Ensures consistent application of principles outlined in the Executive Order across Novartis' enterprise, including both external data sharing arrangements and internal data flows. 

• Conducts risk assessments of global activities related to sensitive U.S. bulk data to ensure compliance, mitigate risks, and implement effective controls. 

• Govern the definition, assessment and testing of internal controls, and manages their operationalization to mitigate exposure to regulatory violations. 

• Chairs the US Bulk Data governance board, driving alignment on developments, requirements, and escalations, while monitoring and certifying the effectiveness of controls and compliance measures.

• Facilitates cross-functional engagement with stakeholders (Legal, EDM, ISC, Procurement, etc.) to embed and sustain compliance around sensitive data access and handling, and to ensure monitoring relevant data export control regulations

• Addresses escalations and provides guidance on adherence to compliance requirements. Ensures compliance with data retention, record-keeping, and reporting obligations, including timely reporting of breaches

• Develops and delivers employee training programs on handling sensitive U.S. bulk data, emphasizing principles, responsibilities, and regulatory requirements.

• Investigates reported or suspected breaches of the US Bulk Data Guideline, ensures remedial actions are taken, and drives compliance with corrective measures.

• Collaborates with Enterprise Data Owners (EDOs), Procurement, Legal, ISC, business owners, and others to operationalize compliance guidelines and embed principles at the enterprise level.

Essential Requirements:

• Bachelor’s degree in Business Administration, Law, Risk Management, Data Privacy, or a related field.

• Minimum of 8 years of experience in ethics, compliance, risk management, or data governance roles, preferably in a multinational or regulated environment.

• Strong understanding of global data privacy regulations and frameworks (e.g., Executive Orders, cross-border data compliance).

• Proven ability to lead cross-functional teams and manage compliance initiatives across enterprise-level organizations.

• Exceptional ability to assess risks, investigate issues, communicate findings clearly, and influence decision-making across stakeholders.

• Proven experience in managing sensitive personal data, government-related data frameworks, or data governance processes

• Demonstrated ability to identify, assess, and mitigate risks in data handling and external partner engagements.

• Experience in drafting, implementing, and managing compliance policies, guidelines, and frameworks at the enterprise level.

• Experience designing and implementing training programs for employees and external partners regarding compliance and governance standards.

You’ll receive (Applicable for Prague)

Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary; Risk Life Insurance (full cost covered by Novartis); 5-week holiday per year; (1 week above the Labour Law requirement) ; 4 paid sick days within one calendar year in case of absence due to sickness without a medical sickness report; Cafeteria employee benefit program – choice of benefits from Benefit Plus Cafeteria in the amount of 17,500 CZK per year; Meal vouchers in amount of 105 CZK for each working day (full tax covered by company); Car Allowance; MultiSport Card, Employee Share Purchase Plan. Find out more about Novartis Business Services: https://www.novartis.cz/

Accessibility and accommodation:

Novartis is committed to working with and providing reasonable accommodation to all individuals. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in any order to receive more detailed information about essential functions of a position, please send an e-mail to inclusion.switzerland@novartis.com and let us know the nature of your request and your contact information. Please include the job requisition number in your message.