Data Privacy and Compliance Manager/Senior Manager (m/f/d)

Be part of our team

• Serve as the primary point of contact for addressing inquiries to the External DPO.
• Develop, implement, and maintain data protection policies across the organization and supporting systems.
• Promote and oversee the implementation of recommendations issued by the External DPO.
• Support data privacy assessments, reviews, and audits to ensure ongoing compliance.

• Establishment, implementation, oversight, and continuous enhancement of the Compliance Management System (CMS).
• Strategic compliance support to Tubulis’ business operations, including global policy development, compliance risk assessments, and compliance monitoring activities, in close collaboration with the Management Board, C-level executives, department heads, and other relevant functions.
• Establishment of compliance governance.
• Design, implementation, and oversight of an effective system for raising concerns, including a whistleblowing mechanism, and ensuring reported concerns are appropriately addressed.
• Development, implementation, and supervision of a comprehensive compliance training program.
• Ongoing compliance monitoring and effectiveness assessments.
• Conduct of internal investigations.

• Managing and overseeing quarterly and ad-hoc risk updates prepared by designated risk owners.
• Facilitate risk identification and validation workshops across the organization.
• Own and maintain the Enterprise Risk Management (ERM) Policy, ensuring its ongoing relevance and effectiveness.
• Assess the effectiveness of risk management processes and ensure compliance with the Tubulis ERM Policy.
• Conduct ongoing review and monitoring of ERM activities to support continuous improvement.

Your mission

• Support all department activities listed above, as needed
• Help overseeing the Tubulis’ data privacy framework
• Ensure smooth and timely communication and pragmatic advice to the other departments, addressing their needs and prioritizing tasks in line with company objectives
• Maintain contacts with the external Data Protection Officer
• Support the Data Privacy Impact Assessments, Legitimate Interest Assessments and other processes
• Support multiple technical tasks, such as department budgeting process, documents retention, training records etc.
• Maintaining respective IT systems and access rights
• Serve as a point of contact for routine compliance and data privacy topics
• Supporting the Head of the Department with any other department activities, as needed

Your profile

• Bachelor’s degree in relevant studies
• 3-5 years of experience in data privacy (ROPA, DPIA, etc.) and healthcare compliance areas
• Understanding of Data Privacy (especially GDPR) and Healthcare Compliance regulations
• Fluent German and English
• Strong work ethics and integrity
• Excellent communication skills
• Advanced understanding of Microsoft Office and other IT systems (preferably, experience of implementation of IT systems in these areas)

• Legal background
  

Why us?

• Impact that matters: Contribute to breakthrough therapies.
• Global mindset: Work in an international, diverse team.
• Grow & thrive: Develop your career in a supportive, fast-moving environment.
• Innovation every day: Push boundaries with cutting-edge science.