McKesson Privacy Compliance Manager in Munster, Ireland


Prime responsibility of this role is to lead one or more of privacy compliance areas (primarily GDPR, HIPAA, other local privacy laws) and provide in-house consulting and assurance. The role will be responsible for overseeing documentation of Risk Analyses, Risk Management Plans and annual Re-Attestations together with various application owners, track gaps and define action plans together with BUs, report on non-compliance and escalate to higher management.

Principal Duties & Responsibilities

  • Lead, monitor and report on GDPR compliance program with our BUs

  • Overseeing documentation of compliance gaps

  • Consolidation of remediation plans per BU and track closure of remediation actions with action responsible

  • Review policies and procedures covering privacy requirements

  • Manage privacy compliance awareness training

  • Manage privacy audits (internal and external)

  • Single point of contact for privacy related IT topics within Europe

Key areas of responsibility include:

  • Lead assessments against internal policies and regulatory frameworks, facilitating results and discussion with Information security risk management and business units stakeholders

  • Work with BU management to gather information about relevant IT controls to enhance audit readiness and GRC repository completeness

  • Represent compliance team in managing relationships with stakeholders (including business and IT owners) to establish priorities for remediation, process improvements, and other efforts focused on managing risks and threats

  • Monitor and report on privacy compliance findings and remediation within the corporate Governance ,Risk and Compliance (GRC) tool (RSA Archer)

  • Manage data presentations, status reports and management dashboards

  • Lead organizational understanding of emerging IT risks, threats and cybersecurity requirements related to new areas of business and emerging technology

  • Alignment and execution of compliance activities across enterprise compliance teams (e.g. compliance, cybersecurity, privacy, internal audit)

Required Knowledge & Skills

  • Masters degree in Business Administration or Business Informatics or Data privacy law or Information Technology law alternatively comparable degree or comparable work experience

  • At least 6 years of professional experience in related areas, including IT Security, IT operations, IT Audit or similar disciplines required as a foundational basis (including data privacy)

  • Demonstrate working experience and knowledge implementing or evaluating of multiple IT audit methodologies, regulations and compliance frameworks including but not limited to: GDPR, HIPAA, PIPEDA(Canada), SOC 2 TSP, PCI, HiTRUST, COBIT, ISO270x, NIST cybersecurity, SOX framework or other data privacy regulatory requirements

  • Strong knowledges of GRC tool (preferably RSA Archer) and / or other demonstrable foundation IT technology skills (including database, network, infrastructure, software development, IT security)

  • CIPP/E required, with the following certifications or combination highly appreciated: CISSP, CISM, CISA, or CIA

  • Experience performing IT audit, risk assessment and IT compliance activities strongly preferred

  • Excellent presentation skills up to top management level

  • Ability to work under pressure as well as result-oriented

  • Ability to work and communicate in an international multicultural team, social competencies and assertiveness

  • High flexibility and willingness to travel

  • Languages: English, any other European language would be a plus



Level Required

Practitioner Level






Customers & Markets




Drive & Results


Innovation & Change




Communication & Cooperation


Cross-cultural orientation


Language Skills

Business Fluency

Effective Business Communication

Basic Communication possible






Job: Technology

Organization: McKesson Corporate

Title: Privacy Compliance Manager

Location: Ireland-Munster-Cork

Requisition ID: 18005298