Global Privacy Operations Lead
Neuilly- Sur- Seine, France
About the job
Ready to push the limits of what's possible? Join Sanofi CHC in one of our corporate functions and you can play a vital part in the performance of our entire business while helping to make an impact on millions around the world.
We are a team of strategic business stakeholders who establish the CHC Fit-for-Purpose EBI Program to address CHC business needs and ethics, compliance and privacy risks and who drive cultural transformation enabling fast ethical decision-making and accountability.
Our mission is to enable Sanofi Consumer Healthcare to respond to consumers and society's expectations for an ethical and compliant business conduct and be recognized as a strongly ethical business.
Want more jobs like this?
Get Business Operations jobs in Guéret, France delivered to your inbox every week.
To successfully accomplish our mission, we demonstrate the following mindset and behaviours: we are strategic business owners, proactive, innovators, externally focused, impact based, role models and value creation center.
The Sanofi CHC's Data Privacy Team consists of a Global Data Privacy Officer, a network of Regional Privacy Officers ('RPO') with regional oversight, and a Global Privacy Office with global oversight. While the main responsibility of a RPO is to support Sanofi CHC initiative and ensure the implementation of appropriate data protection measures and controls at local level, the Global Privacy Office responsibility is three-folded and includes:
- developing, maintaining and overseeing the overall functioning of the Sanofi CHC's Privacy Management System (policies, guideline, standards, tools, procedures, self-help and training resources);
- serving as a shared support services team for the network of RPOs;
- providing day-to-day support to other Sanofi CHC functions in respect to their global initiatives.
The Global Privacy Operations Lead sits within the Global Privacy Office of CHC Data Privacy Team and focuses on overseeing global privacy initiatives, ensuring compliance with international data protection laws, coordinating incident response and breach management, and optimizing privacy operations for efficiency and effectiveness.
Main responsibilities:
In your capacity of Global Privacy Operations Lead you will be responsible for:
- overseeing and coordinating activities concerning day to day privacy operations, including but not limited to:
- the maintenance of records of processing activities,
- the handling of assessment, investigations and notification of data breaches,
- the handling of data subject requests,
- the setup and maintenance of privacy management tools,
- the maintenance and update of a dashboard of data privacy indicators,
- optimizing privacy operations workflows for better efficiency and effectiveness,
- leading global privacy initiatives assigned to you by the Global Data Privacy Officer,
- conducting privacy risk assessments (PIAs, DPIAs, TIAs, LIAs, etc.)
- monitoring and analysing changes in data protection laws and regulations, and communicating updates to relevant stakeholders,
- collaborating with cross-functional teams to implement consistent privacy policies or standards,
- developing and delivering privacy training programs,
- conducting or participating in audits and assessments to evaluate compliance with privacy regulations and policies,
On top of this, you will play a pivotal role in managing the relationship with the company's leading privacy authority, the CNIL, ensuring timely and appropriate interactions in various situations including but not limited to consultations, audits, inspections, handling of inquiries or complaints, declarations of conformity, notifications or disclosures.
The role will be based in Paris and does not have direct supervisory responsibilities.
About you
- Experience in global data privacy roles roles in international companies. Previous experience in FMCG, HealthCare or AdTech companies is a plus;
- expertise in data protection laws and practices including an in-depth understanding of the GDPR and other relevant laws such as the LGPD, CPRA and PIPL
- understanding of information security principles and practices, information risk analysis, and risk management.
- good knowledge of MS Excel, MS PowerPoint, MS Word,
- practical knowledge of OneTrust or other equivalent tools,
- knowledge of MS Forms and PowerAutomate is a plus.
Education:
- university degree, preferably in law or information technology. Open to other technical backgrounds that can show deep understanding and robust track record on data protection laws and regulations,
- privacy certification preferred (e.g., CIPP/E and/or CIPM).
Soft skills:
- self-starter, well organized, with the ability to thrive in a fast-paced collaborative work environment and manage numerous projects simultaneously under deadline pressure,
- a high-level of intellectual, professional, and interpersonal agility and flexibility, combined with strong analytical and problem-solving skills,
- communication, empathic and influencing skills; must be able to succinctly summarize and present complex concepts to business partners,
- able to work autonomously and cross-functionally within a matrixed team,
- sound judgement and ability to analyse situations and information to propose pragmatic solutions,
- creative thinker who is ready and willing to lead with high ethical standards an organization through change,
- adaptability to embrace a dynamic and diverse working environment.
Languages:
- Fluent in English
- professional proficiency in other languages is a plus.
Why Choose us?
- Bring the miracles of science to life alongside a supportive, future-focused team.
- Discover endless opportunities to grow your talent and drive your career, whether it's through a promotion or lateral move, at home or internationally.
- Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact.
- Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare