Associate Director, Privacy

United Kingdom - Uxbridge Legal & Compliance, Regular

At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19, and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.

Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations.

Join Gilead and help create possible, together.

We are seeking an Associate Director, Privacy to support our privacy compliance across Europe, the United Kingdom, Switzerland, Canada, and Australia (ACE) region. This role is a key contributor to the global Privacy & Data Ethics (PDE) team, within the Office of Ethics and Compliance and is a trusted advisor to business and legal stakeholders on privacy compliance, risk management, helping the company meet obligations under privacy laws. The Associate Director reports to the Head of Global Privacy and will work closely with the Data Protection Officer (DPO) and the global privacy team to operationalize compliance, advise on privacy-by-design, and support governance across markets, daily operations of the program, implementation, maintenance of policies and procedures, monitoring program compliance, and training.

Provide expert advice on European data protection and privacy laws, including GDPR, national implementations, and guidance from supervisory authorities.

Partner with the global privacy and legal teams to maintain and enhance privacy compliance frameworks, policies, and procedures.

Advise on data processing agreements, cross-border transfers, and lawful bases for processing.

Manage appropriate privacy notices, consents, and authorization forms.

Support the implementation of privacy impact assessments (PIAs/DPIAs) and records of processing activities (RoPAs).

Manage the process for addressing complaints and requests from data subjects with respect to the enforcement of their rights under applicable laws.

Support breach response, including notification to data subjects, law enforcement and regulators as needed.

Counsel product, marketing, HR, procurement, and technology teams on privacy implications of new initiatives.

Drive privacy-by-design and privacy-by-default principles throughout the organization.

Collaborate with security, compliance, and risk teams on incident response and data breach management.

Support privacy training, awareness, and communication efforts across ACE operations.

Monitor regulatory developments, enforcement trends, and emerging laws (e.g., AI Act, Digital Services Act) and provide practical guidance.

Contribute to internal audits and readiness assessments related to privacy compliance.

Serve as a point of contact for ACE affiliate teams, counsel, privacy champions, and external counsel.

Liaise with the DPO and global privacy office to align regional activities with global strategy.

• Experience advising multinational organizations on privacy compliance, preferably in the technology, healthcare, financial, or digital sectors.
• Knowledge of European and UK privacy laws regulations and best practices.
• Proven track record of project and process development, implementation and project management.
• Strong drafting, analytical, and negotiation skills.
• Demonstrated ability to translate complex legal issues into practical business guidance.
• Excellent communication skills and stakeholder management skills.
• Ability to work independently and demonstrated experience prioritizing conflicting demands from multiple business clients in an extremely fast-paced environment.

It is the policy of Gilead Sciences, Inc. and its subsidiaries and affiliates (collectively “Gilead” or the “Company”) to recruit select and employ the most qualified persons available for positions throughout the Company. Except if otherwise provided by applicable law, all employment actions relating to issues such as compensation, benefits, transfers, layoffs, returns from layoffs, company-sponsored training, education assistance, social and recreational programs are administered on a non-discriminatory basis (i.e. without regard to protected characteristics or prohibited grounds, which may include an individual’s gender, race, color, national origin, ancestry, religion, creed, physical or mental disability, marital status, sexual orientation, medical condition, veteran status, and age, unless such protection is prohibited by federal, state, municipal, provincial, local or other applicable laws). Gilead also prohibits discrimination based on any other characteristics protected by applicable laws.