Legal and Data Protection Partner

At Roche you can show up as yourself, embraced for the unique qualities you bring.

Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally.

This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come.

Join Roche, where every voice matters.

The Position

Legal and Data Protection Partner

Location: Warsaw (hybrid)

Join a team that's shaping the future of healthcare! At Roche, we believe that innovative technologies and breakthrough therapies have the power to change patients' lives.

Our Legal and Compliance team is a key partner in this mission, ensuring that our actions are not only legally compliant but also conducted with the highest ethical standards.

We are looking for a person who is not afraid of the challenges of the digital era and wants to build a safe and innovative future with us.

Your goal will be to provide strategic support to the organization in delivering modern therapeutic solutions to patients.

You will be a key partner for business teams, promoting a culture of ethics and compliance and navigating the company through a complex legal environment, with a particular focus on the challenges and opportunities of the digital and AI era and personal data protection.

The opportunity: 


* Act as a key partner in projects in the areas of Digital Health, telemedicine, cybersecurity, personal data protection, and data and AI-based solutions.

Work closely with teams across the organization, from marketing to research and development, to analyze legal risks and choose optimal, innovative solutions.


* Ensure compliance with personal data protection regulations (GDPR), with a particular focus on data processing in complex IT systems and AI models.

Create and implement Terms and Conditions and privacy policies for new technological solutions.

Lead and optimize DPIA and LIA processes, manage international data transfers (SCCs, TIA), and handle incidents.


* Provide legal advice and risk assessment for innovative digital projects, including solutions based on artificial intelligence (AI), machine learning, digital health, and Big Data.

Analyze and implement legal requirements related to new technologies, particularly in the context of new regulations (e.g., AI Act, Data Act).


* Actively participate in security incident management processes, provide advice on compliance with regulations (e.g., the NIS2 directive), and support the negotiation of information security requirements in agreements with key suppliers.


* Prepare and negotiate complex technology agreements, including SaaS, license, cloud, and data processing agreements with clients and key suppliers.


* Actively co-create and promote a culture based on ethics, transparency, and responsibility throughout the organization.


* Proact...