Senior Privacy Engineer (Associate Director/Director level) at Vertex in Boston, MA

Save or bookmark jobs as you go and access them anytime later with your account.



Job Description:

We are seeking a seasoned privacy IT specialist to join our Information Security team at the company's world headquarters in Boston, MA, within our Global Information Services group. We engage proactively with our business colleagues to truly understand them and to deliver results for our company and for patients. If you thrive in a fast-paced, hands-on, and team-oriented environment where you can have a big impact on the organization, we'd love to talk to you!

Job Summary
The individual in this position will represent the Privacy Office within the Global Information Services ("GIS") group, translating policy and privacy standards into requirements within our IT environments. This role will be responsible for advising the company on Privacy by Design with respect to all information systems and practices, acting as the technical subject matter expert on all elements related to data privacy protection and risk mitigation, within the world of GIS. As part of this role, this individual will work with colleagues across GIS on building data protection principles into the implementation of new projects and initiatives as well as the development of compliant systems and processes. Sitting within the Information Security group, this role will help drive Vertex's information security strategy and Target State Vision, with the necessary principles and capabilities to make Privacy by Design a common practice. It's a small and growing team where you'll get experience working on a broad range of projects.

This position is a global role reporting to the Information Security Officer with a dotted line to the Chief Privacy Officer, and will be based in Vertex's global headquarters in Boston, Massachusetts.

Key Responsibilities
  • Driving the IT Data Privacy Target State Vision.
  • Partnering with GIS and business owners to provide advisory and consulting services around data privacy and associate risk mitigation;
  • Assessing current software and systems for compliance with data protection principles and recommending changes and new technologies to help mitigate privacy vulnerabilities and prevent potential future privacy risks;
  • Defining and implementing risk-based solutions to ensure Privacy by Design is adequately embedded in IT projects and systems across the company, including through the development and training of Security Champions to help drive toward compliant design;
  • Maturing enterprise-wide information lifecycle management strategy and governance process to identify, classify and protect personal data over its lifecycle;
  • Serving as the "go to" person for business stakeholders to help them implement advice from the Privacy Office;
  • Working with others on the Information Security team, as well as the Privacy Office, to assess and revise vendor management processes to ensure that vendors are appropriately vetted prior to engagement;
  • Assisting the Information Security Officer with IT training and awareness campaigns, particularly with a focus on data protection initiatives, including managing anti-phishing campaign;
  • Facilitating and, working with the Privacy Office, responding to requests from data subjects to exercise their rights;
  • Providing forensics and management from the IT perspective of any suspected personal data incidents, working with the Privacy Office;
  • Participating in Privacy Office team meetings, representing GIS;
  • Advising on data anonymization, pseudonimization and encryption techniques to develop systems that preserve and improve privacy protections;
  • Overseeing asset inventories to meet GDPR and other regulatory requirements; and
  • Working with Privacy Office and Internal Audit function to conduct regular privacy assessments of operational processes, identifying, and mitigating risks across the company.



  • BS or MS degree in computer science, computer engineering, information systems, privacy engineering or related field of study
  • 5 years' experience in privacy / data protection or a graduate degree or concentration in privacy engineering
  • Certified Information Privacy Technologist (CIPT) certification is preferred

  • Understanding of best practices in data handling and privacy by design
  • Knowledge of data anonymization and cryptographic techniques
  • Familiarity with relevant data protection regulatory requirements
  • Experience in incident response
  • Demonstrated working knowledge of software engineering fundamentals
  • Data literacy and forensics
  • Attention to detail and accuracy
  • Ability to prioritize and complete daily workload and projects with minimal supervision
  • Demonstrated teamwork and collaboration skills
  • Highly motivated to contribute and grow within a complex area of emerging importance

Similar Jobs

See All »

Other Jobs at Vertex

See All »