Associate Director, Privacy

Accepting BioReady™: Yes
Category: Legal / Intellectual Property
Education: Master
Employer: Zymeworks Inc.
Location: Vancouver, BC
Posted: October 16, 2020
Closes: November 15, 2020

Zymeworks is a clinical-stage biopharmaceutical company dedicated to the discovery, development and commercialization of next-generation bispecific and multifunctional biotherapeutics.  Zymeworks’ suite of complementary therapeutic platforms and its fully-integrated drug development engine provide the flexibility and compatibility to precisely engineer and develop highly-differentiated product candidates.

This position will be located in Vancouver, BC and Seattle, WA and will report to the Vice President, Legal.

Key Responsibilities: 

  • Participates in the strategic development, long-term direction and continuous improvement of Zymeworks’ company-wide data privacy program.
  • Partners with stakeholders throughout the organization to instill the importance of privacy requirements and safeguards.
  • Serves as a privacy subject matter expert to the organization and provides strategic and practical counsel to internal stakeholders on privacy and data governance principles and requirements.
  • Acts as an escalation point for negotiation, drafting and review of privacy and data processing contract terms.
  • Interfaces with contract research organization (CRO) privacy representatives, external counsel and external privacy vendors on program development and infrastructure.
  • Participates in vendor due diligence assessments to evaluate data privacy risk.
  • Executes program initiatives to ensure that the right privacy controls and processes are documented, adopted and implemented to promote compliance with privacy laws, regulations, policies and procedures.
  • Conducts and provides guidance to stakeholders on privacy impact assessments.
  • Reviews assessments to identify potential privacy-related risks and gaps in compliance.
  • Provides expertise in the management and investigation of privacy incidents or complaints, taking a proactive approach to risk remediation and supporting stakeholders in assessing risks and identifying solutions.
  • Investigates and takes appropriate action with respect to privacy complaints regarding access to personal/confidential information.
  • Monitors relevant privacy and data protection laws and enforcement activities to ensure ongoing compliance, track emerging risks and assist with policy creation and other program materials.
  • Participates in the development, maintenance and delivery of training, education, communication and awareness materials.
  • Drafts and maintains policies, processes and other documentation (e.g., checklists, guidelines, FAQs) to ensure consistent, relevant and up-to-date guidance is available to stakeholders according to operational needs, current laws, industry trends and emerging best practices.
  • Establishes best practices in the inventory and mapping of data flows and business processes.
  • Maintains expertise in areas of applicable global privacy and data protection laws (including GDPR, PIPEDA, ePrivacy Directive, PIPA, CCPA and HIPAA), regulatory guidance and enforcement actions.
  • Contributes to the improvement of standard forms of agreements, alternate language playbooks, and internal resource documents with respect to privacy and data processing matters.
  • Participates in special projects and perform other duties as needed.

Education and Experience:

  • JD degree and a minimum of 8 years’ related experience, preferably including both law firm and in-house experience supporting the privacy functions at a biotechnology/ pharmaceutical company, or an equivalent combination of education and experience.
  • Member in good standing of a Canadian or U.S. state bar (depending on location), preferably the British Columbia or Washington State bar, respectively.
  • Completion of an Information Access and/or Protection of Privacy Certificate Program or other related certifications is an asset ( i.e., CIPP/C, CIPT or CIPM).

Skills and Abilities:

  • Hands on, practical experience in implementing data privacy programs.
  • Demonstrated experience in providing regulatory and policy advice in the areas of data protection and privacy law, particularly within the biotechnology/ pharmaceutical industry.
  • Expert knowledge of data protection and information security laws, rules and regulations in the US and globally, including GDPR, PIPEDA, PIPA, CCPA and HIPAA, as well as industry-leading privacy and data protection practices and standards.
  • Knowledge of and experience with data security, data breach and data loss prevention processes, tools and statutes.
  • Experience with FDA regulatory issues related to data security and privacy, including government requirements for compliance programs, preferred.
  • Able to translate complex rules and regulations into straightforward requirements that are easily understood by stakeholders.
  • Experience and interest in gaining a detailed understanding of how data is gathered, where it resides, how it is used.
  • Ability to apply critical thinking to program objectives, evaluate and document the tasks needed to achieve objectives, create actionable workplans and oversee to completion.
  • Comfortable proactively interfacing with stakeholders at all levels.
  • Awareness for escalating issues when appropriate.
  • Efficient, focused and pragmatic, offering quality practical legal advice and strategic solutions.
  • Proven interpersonal skills with the ability to work collaboratively as a member of a cross-functional team. Ability to establish and maintain effective working relationships.
  • Strong leadership skills with the proven ability to manage, develop and empower employees.
  • Excellent organizational skills and the ability to manage competing priorities and concurrent deliverables and work effectively in a challenging, milestone-driven environment.
  • Ability to think and act strategically, anticipate roadblocks and map out next steps.
  • Sound business acumen with a practical, results-oriented management style that can translate innovative, creative strategies and conceptual thinking into action plans.
  • Demonstrated high level of integrity and ethics.
  • Extremely strong written and oral communication and presentation skills.
  • Positive, can-do attitude.

Why Work for Us? 

At Zymeworks, we stand for innovation, integrity, collaboration and care.  

Zymeworks’ employees are passionate, engaged and extremely motivated to succeed.  We are excited by the cutting-edge science and technology, the endless possibilities this union holds and the sheer opportunity to be a part of something big. To learn more about Zymeworks Inc. and our current openings, please visit our website at https://zymeworks.bamboohr.com/jobs/. 

We offer challenging career opportunities, competitive benefits and an environment that recognizes and rewards performance. 

How to Apply 

If you are interested in this challenging opportunity, please apply online at    https://zymeworks.bamboohr.com/jobs/view.php?id=380. Due to the high volume of applicants, only those selected for interviews will be contacted. 

NOTE TO EMPLOYMENT AGENCIES: Zymeworks values our relationships with our Recruitment Partners. We will only accept resumes from those partners whom have been contracted by a member of our Human Resources team to collaborate with us. Zymeworks is not responsible for any fees related to resumes that are unsolicited or are received without contract. 

Apply Now