Job Description

Principal Cybersecurity Analyst, Privacy and Third Party Risk Management

Join to apply for the Principal Cybersecurity Analyst, Privacy and Third Party Risk Management role at Vertex Pharmaceuticals .

Job Description

We are seeking a seasoned technical privacy specialist to join our Information Security and Cyber Resilience team. We engage proactively with our business colleagues to understand their needs and deliver results for our company and patients. If you thrive in a fast-paced, hands-on, team-oriented environment where you can have a big impact, wed love to talk to you!

The individual in this position will support the Data Technology and Engineering (DTE) Privacy Lead within the Cyber Risk Management and Governance team, representing the Privacy Office, translating policy and privacy standards into technical requirements. This role acts as a subject matter expert on data privacy protection and risk mitigation within DTE, configuring integrations between privacy technologies and other information systems, as well as testing cookie consent on Vertexs online properties.

This role involves working with colleagues across DTE to embed data protection and security principles into new projects and systems, supporting Vertexs information security strategy, and promoting Privacy by Design and Security by Design practices. It is a global role reporting to the Cyber Risk Management and Governance Director, with a dotted line to the DTE Privacy Lead, based in Boston, MA, with remote and flexible options.

Key Responsibilities

• Partner with DTE and business owners to advise on information security and data privacy to mitigate risks.
• Assess software, systems, and vendor services for compliance, recommending improvements.
• Implement risk-based solutions to embed Privacy by Design and Security by Design.
• Support vendor management processes for third-party assessments.
• Configure, test, and maintain cookie consent technology across websites and apps.
• Integrate privacy technologies with other systems and assist security teams as needed.
• Assist with training and awareness campaigns on security and data protection.
• Maintain effective processes and controls in the computing environment.
• Respond to data subject requests and assist with data incident forensics.
• Participate in team meetings and advise on data anonymization, pseudonymization, and encryption techniques.
• Conduct privacy assessments of operational processes, identifying and mitigating risks.

Qualifications

• BSc or MSc in computer science, information systems, privacy engineering, or related field, or equivalent experience.
• At least 5 years in information security, focusing on privacy/data protection.
• 3 years configuring API integrations, leveraging RESTful APIs, OAuth 2.0.
• IAPP privacy certifications (CIPT, AIGP, CIPP, CIPM).
• CISSP or similar security certification.
• Technical experience with OneTrust.
• Understanding of information protection principles, data handling best practices, and relevant regulations.
• Experience with third-party risk assessments, data anonymization, cryptography, incident response, and software fundamentals.
• Strong attention to detail, teamwork, and motivation to grow in this emerging field.

Pay Range

$133,600 - $200,400

Additional Information

This role is eligible for bonuses, equity, and comprehensive benefits. The actual salary depends on skills and experience. The position offers flexibility with remote, hybrid, or on-site work options, subject to company policy.

Company Overview

Vertex is a global biotech company committed to innovation and equality. We provide accommodations for applicants with disabilities. For assistance, contact ApplicationAssistance@vrtx.com.

#J-18808-Ljbffr

Job Tags

Similar Jobs