About the role
Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.
Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.
Now it’s time to realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.
Role Purpose
The Data Platform & AI Vulnerability and Compliance Lead is responsible for Data & AI Platform wide security vulnerability management, compliance governance, and risk remediation initiatives across modern Data Platforms, Analytics ecosystems, AI/ML solutions, and Generative AI environments.
This role will be responsible for establishing secure and compliant Data & AI ecosystems by integrating cybersecurity, governance, privacy, risk management, and regulatory compliance into Data Platforms and AI Operations.
The ideal candidate will possess deep expertise in cloud-native data platforms, AI/GenAI security, vulnerability management, regulatory compliance frameworks, and secure engineering practices.
The role requires strong collaboration across Enterprise Vulnerability and Compliance teams, IT, Data, Security, Legal, and AI Engineering teams (data science/DevOps/Machine Learning Engineering) to ensure a secure, compliant and resilient environment.
Key responsibilities:
Vulnerability Management
Lead enterprise vulnerability management programs for all Data Office Towers including Data Engineering, Data Platforms, Data Science, AI/ML Platforms, Data innovation and Visualization.
Establish processes for vulnerability discovery, prioritization, remediation, validation, and reporting.
Define, monitor & track remediation SLAs, risk metrics, and security & Compliance KPIs.
Drive proactive risk reduction strategies across data and AI infrastructure and Applications.
Collaborate with engineering teams to automate compliance validation and vulnerability remediation.
Maintain SOPs, Runbooks and Knowledge Repositories.
Ensure compliance with security, regulatory, and validation requirements across all GenAI Platforms and Services.
Data & AI Platform Security Governance
Secure enterprise data ecosystems including but not limited to: Data Lakes, Data Warehouses, ETL/ELT Pipelines, Analytics Platforms, Data APIs, Gen AI Applications and Services.
Conduct Security Assessment and Configuration Reviews for: Microsoft Fabric, Azure Data Services, Databricks, Snowflake, enterprise Data & AI platforms and Applications.
Ensure implementation of secure data access, encryption, masking, retention, and governance controls.
Integrate security and compliance controls into DevSecOps and MLOps pipelines.
Conduct risk assessments, threat modeling, and compliance impact analysis.
Present risk posture, remediation progress, and compliance dashboards to the leadership.
Ensure high availability, performance, and stability of GenAI BAU Platforms and Applications.
Maintain risk registers and governance reporting mechanisms.
Incident Response & Security Operations
Support investigations and remediation activities related to Data & AI platform incidents.
Collaborate with SOC, Threat Intelligence, and Infrastructure Security teams.
Perform root cause analysis and define preventive security controls.
Ensure continuous compliance monitoring across cloud environments.
AI / GenAI Security & Compliance
Lead security and governance for AI/ML Platforms, Generative AI Solutions and Applications, Large Language Models (LLMs), RAG Architecture, AI APIs and Model Deployment Platforms etc.
Identify and mitigate AI-specific risks including Prompt Injection, Data Leakage, Hallucination Risks, Unauthorized Data Exposure, and Adversarial Attacks.
Work closely with AI Governance & Responsible AI central teams to align with enterprise policies and regulatory expectations.
Lead Compliance Initiatives aligned with ISO 27001, SOC2, GDPR, PCI-DSS, HIPAA, DPDP and AI Governance Frameworks.
Coordinate audits, assessments, and evidence management activities.
Maintain enterprise security policies, standards, and control frameworks.
Partner with Legal, Privacy, Risk, and Audit teams to ensure regulatory adherence.
Contribute directly, in a hands-on capacity, to Gen AI Operations troubleshooting and optimisation.
Leadership & Stakeholder Engagement
Act as a trusted advisor to Data, AI, Security, Compliance, and Technology leadership teams.
Mentor security and governance professionals.
Lead awareness and training programs related to AI security and compliance best practices.
Escalate and remove blockers in a complex, matrix organisation, engaging senior stakeholders as required.
Act as the primary point of contact for Data & AI Vulnerability and Compliance Management Programs.
Drive user adoption, service awareness, training coordination, and feedback management.
Present Vulnerability dashboards, risk & compliance reports, and improvement plans to leadership.
Ensure Timely Communication to stakeholders during Vulnerabilities, Compliance shortfalls, High Impact Incidents and Changes.
Support AI Governance and Responsible AI processes through engagement with Architecture Review Boards and AI/ML Architects.
Ensure close alignment with internal & external regulatory and compliance requirements and with Quality, Governance & Data Lifecycle Audits, with no critical or high findings or violations against them.
Key Skills:
Vulnerability Management
AI & GenAI Security
Compliance & Governance
Data Platform & Cloud Security
DevSecOps & MLOps
Risk Management
Security Architecture
Regulatory Compliance
API & Container Security
Security, Risk and Compliance Audit Management
Stakeholder Management
Qualifications & Experience:
Bachelor’s or master’s degree in Cybersecurity, Computer Science, Information Systems, Data Engineering, or related field.
10+ Years of experience in:
Cybersecurity
Enterprise Vulnerability Management
Compliance and Governance
Cloud Security
Data Platform Security
Proven track record of enterprise Vulnerability and Compliance Management.
Strong experience in representing the organization to Internal and External Security, Risk and Compliance Audits.
Proven record of Vulnerability Remediation and Audit Finding mitigation within agreed SLAs.
Strong Experience with Enterprise Data, AI and Analytics Ecosystem.
Hands On Experience with AI/ML or Generative AI Security.
Knowledge of DevSecOps, MLOps, CI/CD, API security, and container security.
Deep understanding of cloud platforms (Azure, AWS, Google Cloud).
Experience with at least 2 security and compliance tools such as:
Tenable
Qualys
Wiz
Prisma Cloud
Microsoft Defender
Snyk
Strong strategic and operational leadership skills.
Excellent communication and executive presentation abilities.
Ability to influence global cross-functional teams.
Strong analytical and problem-solving capabilities.
Passion for emerging technologies, cybersecurity innovation, and responsible AI governance.
Preferred Certifications:
CISSP, CISM, CCSP, CRISC, CEH, Azure Security Engineer, ISO 27001
Job Posting End Date
2026-05-30
Equal Opportunities
Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.
During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.
The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.
Adjustment or Accommodations Request
If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence.
Note to candidates
The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.
Aplyr's read
Haleon is a leader in consumer healthcare, offering diverse roles across global markets for those passionate about everyday health solutions.
What's promising
- Strong focus on consumer health products with a global reach.
- Wide range of roles indicates diverse career opportunities.
- Commitment to innovation in health and wellness solutions.
What to watch
- Highly competitive industry with pressure on market share.
- Potential challenges in maintaining product differentiation.
- Regulatory hurdles in different markets could impact operations.
Why Haleon
- Specializes in everyday health products, unlike many pharma-focused peers.
- Global presence with localized roles like Türkiye Shopper Marketing Lead.
- Diverse hiring across functions from R&D to digital commerce.
About Haleon
Haleon is a global consumer healthcare company focused on delivering everyday health products and solutions.