Chief Privacy Officer, Senior Associate General Counsel

Job Description

Gilead Sciences, Inc. is a research-based biopharmaceutical company founded in 1987. Together we deliver life-saving therapies to patients in need. With the commitment and drive you bring to the workplace every day, you will be part of a team that is changing the world and helping millions of people live healthier, more fulfilling lives. Our worldwide staff is a close community where you can see the tangible results of your contributions, where every individual matters, and everyone has a chance to enhance their skills through ongoing development. Our scientific focus has resulted in marketed products that are benefiting hundreds of thousands of people, a pipeline of late-stage drug candidates, and unmatched patient access programs to ensure medications are available to those who could otherwise not afford them. By joining Gilead, you will further our mission to address unmet medical needs and improve life by advancing the care of patients with life-threatening diseases.

Chief Privacy Officer, Senior Associate General Counsel

Specific Responsibilities and Skills

The Chief Privacy Officer (CPO) leads a team of lawyers and legal service professionals and oversees the Company’s Privacy, Cybersecurity, and Information Governance group. The CPO leads the organization’s global privacy program, including but not limited to, daily operations of the program, implementation, maintenance of policies and procedures, monitoring program compliance, training, and executive/Board interactions. The CPO manages a team responsible for advising on data protection and privacy laws and regulations affecting business activities globally including in relation to clinical trials, Commercialization of our products, employee matters and other aspects of the business. The CPO is expected to stay abreast of developments and trends in data protection and privacy laws and regulations, and to help lead company engagement with government and industry groups on data protection and privacy issues. The CPO also provides legal support for cybersecurity matters, and executes our information governance program. The CPO sits within the Legal function reporting to the SVP Legal, Chief Compliance Officer.

Responsibilities include, but are not limited to:

  • Provide strategic direction to the organization regarding existing and emerging local and global privacy and data protection laws
  • Counsel on business initiatives and develop innovative approaches and creative solutions to compliantly enable the business.
  • Lead the development, implementation, and maintenance of a comprehensive privacy program in accordance with applicable laws to enable consistent, effective data privacy practices, to minimize privacy risk and to ensure the confidentiality of personal data.
  • Develop and implement training to foster awareness of data privacy requirements.
  • Counsel on investigations involving reports of inappropriate or unauthorized access, loss or disclosure of personal data.
  • Monitor privacy trends in data protection and privacy laws and regulations (e.g., evolving guidance out of the EU, California Privacy Rights Act, CAN-SPAM and e-privacy developments). Anticipate, develop and implement strategies to shape the external privacy landscape to enable the company to advance its mission in support of the research and development of innovative medicines and personalized health care.
  • Collaborate with Gilead’s Chief Information Security Officer to evaluate potential cyber threats and the associated legal risk, and evaluate and improve upon process for receiving, documenting, investigating and reporting unauthorized access or disclosure of personal and company confidential information.
  • Regularly assess the effectiveness of our privacy program, perform periodic privacy risk assessments, and develop compliance strategies to address emerging risks.
  • Counsel Commercial business units, Information Technology (IT), Human Resources, Data Science, the Chief Compliance Officer and other individuals with privacy and data handling responsibilities in the organization to help set strategy and manage complex privacy matters involving systems, and data handling and processing activities.
  • Serve as a resource to Gilead’s contracting functions to ensure successful negotiation of data privacy related contract terms in its operational agreements across a wide spectrum of vendors typical to the biopharma industry
  • Coordinate with the appropriate regulating bodies with respect to breach notification, investigations, and inquiries as needed.
  • Work with IT Security to manage procedures for vetting and auditing vendors for compliance with the privacy and data security policies and legal requirements.
  • Provide guidance to business partners in Research, Clinical, and Data Science regarding appropriate legal basis and use of clinical trial data involving and other internal or external data handling, with particular focus on machine learning and advanced data analytics.
  • Oversee Gilead’s global information governance program, including developing policies, maintaining and updating the global retention schedule, disposal of information, and management of offsite storage and records.
  • Provide guidance to IT and business units regarding implementation of new systems and tools to managing the information lifecycle on those systems.
  • Advise IT regarding commissioning and decommissioning of enterprise systems, including migration and disposition of information.



  • JD degree and U.S. state bar membership in good standing
  • At least 14 years of experience as a practicing attorney, in-house and/or at a law firm (required). At least five years of direct, hands-on experience providing legal counseling on data protection and privacy issues to biotechnology and/or pharmaceutical companies (preferred).
  • CIPP certification preferred
  • The successful candidate will be a subject matter expert on requirements of data protection and privacy that affect the business activities of research-based biotechnology and pharmaceutical companies, including scientific research involving patient-derived data, clinical trials, patient support services, digital health information, intra- and inter-company business transactions, sales and marketing;
  • Demonstrated excellent leadership ability and experience as a people manager, business acumen, and communication skills
  • Experience working with senior-level stakeholders and cross-functional teams, and achieving results through influence and collaboration
  • Comprehensive understanding of global data protection statutes, regulations and guidance is required, Relationships with other privacy experts in the biotechnology and pharmaceutical industry is a plus, as well as experience working with government data protection authorities.
  • Results oriented, proactive, responsible and pragmatic with a passion to solve complex problems in creative, efficient and cost-effective way and to translate global compliance environments into actionable policies, processes and programs that enable business objectives.

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans’ Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact for assistance. For more information about equal employment opportunity protections, please view the EEO is the Law poster

More Information

Apply for this job

Leave your thoughts

Share this job