Lead Privacy Program Manager

Help us change lives

At Exact Sciences, we're helpingchange how the world prevents, detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career, an inclusive culture, and robust benefits to support your life while you're working to help others.

Position Overview

The Lead Privacy Program Manager will play a crucial role in supporting and managing the global privacy program. This individual will lead the Global Privacy Officer's certification program and support the development of a monitoring and auditing function in coordination with the Compliance function. Additionally, the incumbent will provide ad-hoc support to the privacy incident investigation function. As a key member of the Global Privacy Office, the individual will provide guidance on data privacy matters, ensuring compliance with privacy laws and Company policy and contributing to privacy program goals and initiatives. This role requires comprehensive knowledge of privacy regulations, certification frameworks and experience in managing privacy programs, ideally in the life sciences sector or from a regulatory body. This position will be Madison, WI, or Remote.

Essential Duties

Include but are not limited to the following:

• Lead the Global Privacy Office's certification program (including ISO 27701 and HITRUST), including project management, remediation tracking and monitoring adherence to requirements and supporting audit processes.
• Provide back-up support privacy investigations, including identification of root cause and leading corrective actions.
• Lead development of a monitoring and auditing program to monitor the effectiveness of data protection policies, processes, and controls.
• Identify potential risks or gaps in the privacy program and proactively suggest and implement innovative solutions for continuous process and systems improvement.
• Maintain Exact Sciences' record of processing activities (RPA).
• Report key privacy metrics to senior leadership, providing insights on compliance status and areas of improvement.
• Provide expertise in addressing data protection issues across multiple jurisdictions, ensuring compliance with regional and international regulations.
• Champion a 'privacy first' approach to the design and development of products, services, and internal initiatives, offering guidance and best practices to internal teams.
• Develop and sustain strong relationships with cross-functional teams, including HR, IT, Information Security, Marketing, Finance, Medical Affairs and Commercial to align privacy initiatives with business goals.
• Ability to effectively convey complex privacy concepts and help translate them into actionable policies and training for both technical and non-technical audiences, facilitating understanding and compliance across the organization.
• Stay current and informed about new technologies, security systems, and privacy risks, with a particular interest in emerging technologies, AI and their implications for data privacy.

Skills

• Leadership & Influence: Strong ability to lead initiatives and influence without direct authority, creating a privacy-focused culture within the organization.
• Cross-Functional Collaboration: Skilled at working in cross-functional, multicultural teams, fostering a collaborative team environment.
• Analytical Problem-Solving: Ability to analyze business processes, identify privacy risks, and design controls to mitigate these risks. Proven track-record of having a solutions mindset
• Adaptability: Eagerness to learn and ability to new areas of privacy and compliance as the regulatory landscape evolves.
• Effective Communication: Strong written, verbal, and presentation communication skills; ability to simplify complex privacy concepts for diverse audiences, including senior executives. Ability to respond to questions from internal colleagues with clear, timely, and accurate guidance while also educating on 'the why' behind the guidance.
• Project Management Excellence: Proven ability to independently manage multiple projects, prioritize tasks, and meet deadlines while ensuring quality outcomes while adhering to both budgets and timelines.
• Technology & Systems Proficiency: Knowledge of privacy management tools (e.g., OneTrust) and strong Microsoft Office skills.
• Attention to Detail: High attention to detail in handling privacy compliance matters, with a strong commitment to accuracy.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Regular and reliable attendance.
• Ability to work designated schedule.
• Ability to work nights and/or weekends within legal limits.
• Ability to work on a mobile device, tablet, or in front of a computer screen and/or perform typing for approximately 90% of a typical working day.
• Ability to spend long periods of time concentrating and/or analyzing data.
• Ability to travel 15% of the working time away from the work location, including overnight/weekend travel.

Minimum Qualifications

• Bachelor's degree or 5 years or more equivalent experience in privacy, internal audit, security, law, or a related field.
• 5+ years of professional experience in privacy, internal audit, security, compliance, or legal roles, preferably within the life sciences, medical device, or healthcare industry.
• CIPP or Certification in controls auditing frameworks (e.g., ISAACA) required.
• Experience supporting ISO, HITRUST, or similar certification processes.
• In-depth knowledge of US, GDPR, UK GDPR, FADP, and APPI (Japan) privacy regulations with demonstrated ability to navigate complex regulatory environment.
• Proven leadership skills to promote a culture of compliance.
• Experience working within a multinational organization.
• Familiarity with privacy laws impacting medical devices and laboratory compliance.
• Proficient in Microsoft Office.
• Demonstrated ability to perform the Essential Duties of the position with or without accommodation.

Preferred Qualifications

• Experience with IT systems and platforms used for privacy management.

Salary Range:

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation, holidays, volunteering, and personal time), paid leave for parents and caregivers, a retirement savings plan, wellness support, and health benefits including medical, prescription drug, dental, and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team, and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation, please contact us here.

Not ready to apply? Join our Talent Community to stay updated on the latest news and opportunities at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, gender identity, national origin, protected veteran status, race, religion, sex, sexual orientation, and any other status protected by applicable local, state, or federal law. Any applicant or employee may request to view applicable portions of the company's affirmative action program.

To view the Right to Work, E-Verify Employer, and Pay Transparency notices and Federal, Federal Contractor, and State employment law posters, visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.