Associate General Counsel & Privacy Officer (Vice President & General Counsel)

Johns Hopkins UniversityBaltimore, MD
$135,900 - $238,400Hybrid

About The Position

The Office of the Senior Vice President & General Counsel of Johns Hopkins University seeks applications to fill a position of Associate General Counsel & Privacy Officer (“Associate General Counsel”), to serve as a trusted advisor to the University, with a primary focus on privacy, information and cyber security, and data governance. The Associate General Counsel will also advise on digital accessibility, records management, and a wide range of data related issues. As such, the individual should have deep understanding of the laws, regulations, and industry best practices in these areas in order to interface effectively with institutional officials and other stakeholders. The Office of the Senior Vice President & General Counsel provides legal counsel and representation to Johns Hopkins University and all its schools, divisions, affiliates, and related entities. The office serves the legal needs of university trustees, officers, deans, directors, faculty, and staff in their official capacities. The office is also responsible for hiring and managing all outside counsel to represent the university and its units. The Associate General Counsel will report directly to the Senior Associate General Counsel and Chief Compliance Officer, who in turn reports to the Senior Vice President and General Counsel of the University. The Associate General Counsel will provide legal advice on a full range of applicable laws and regulations related to data and records management, privacy (including consumer and educational privacy laws and regulations), cybersecurity, and digital accessibility. The Associate General Counsel will also help operationalize the university’s non-clinical privacy compliance obligations, working closely with the Chief Information Officer, Chief Information Security Officer, Chief Risk Officer, and other officials to mitigate risk to the university through executing the daily operations of the privacy program, development, implementation and maintenance of policies and procedures, training and education, monitoring program compliance, and investigation and tracking of incidents. The Associate General Counsel will collaborate with Johns Hopkins Health System (JHHS) counsel and privacy officials on privacy, data security, cybersecurity, and data governance matters affecting both JHU and JHHS.

Requirements

  • Juris Doctor.
  • Five years of legal experience required.
  • Law degree from an accredited law school.
  • Bar admission in at least one U.S. state.

Nice To Haves

  • Privacy certification such as CIPP or CIPT.
  • Experience providing legal counsel to an institution of higher education, and one associated with an academic medical center, in particular, is strongly preferred.
  • Experience working effectively with various constituencies in an extraordinarily complex, matrixed environment.
  • Satisfaction of all applicable requirements for attorneys practicing in the State of Maryland. If not licensed in Maryland, must be eligible for admission within twelve (12) months.
  • At least six years of experience as a practicing attorney, with at least five years of experience as an attorney specializing in privacy, cyber security/data protection, or data governance.
  • Excellent analytical, interpersonal, and oral and written communication skills.
  • Ability to work independently in a highly complex organization.
  • Superb professional judgment and high ethical standards.
  • Attention to detail and ability to manage a high volume of work and multiple priorities in a fast-paced environment.
  • Strong organizational, project management, and problem-solving skills.
  • Ability to work with senior university leadership, including executives and faculty leadership.
  • Experience in cyber-incident response, security and privacy program implementation, or AI governance.

Responsibilities

  • Advise the university on legal issues related to applicable privacy obligations, including FERPA, HIPAA, GDPR, MODPA, CCPA, GLBA, consumer protection laws, and other applicable state, federal, and international privacy regulations.
  • Oversee the daily operations of the University’s privacy program.
  • Serve as the primary point of contact for non-clinical data privacy compliance for the university.
  • Assist in the development, implementation, and maintenance of privacy policies, procedures, and standards.
  • Serve as a resource for university departments on privacy compliance questions and program implementation.
  • Help ensure privacy requirements are embedded into university operations and decision-making.
  • Monitor and assess program compliance with applicable laws, regulations, and internal policies.
  • Coordinate with university IT, the University Registrar, and other offices, and serve as the point of contact for the supervisory authority, as needed.
  • Manage the data subject access request process.
  • Develop contractual addendums, terms and conditions, and standard clauses to support compliance with evolving domestic and global privacy regulations.
  • Partner with the Chief Information Officer, Chief Information Security Officer, Chief Risk Officer, and other university officials to identify and mitigate legal and operational risk.
  • Interface with institutional officials and other stakeholders responsible for clinical records, human subject records, and related data to ensure compliant cybersecurity and data processing procedures and guidance.
  • Revise and/or develop policies and procedures to implement safeguards that protect non-clinical records and data.
  • Advise clients in responding to cybersecurity incidents and data breaches.
  • Draft cybersecurity policies and participate in tabletop exercises.
  • Partner with the Chief Risk Officer and Deputy Chief Risk Officer on the university’s Incident Response Team to support process development and coordination of incident and breach response, including coordination with the Chief Information Security Officer, other data security experts, outside counsel, and in-house counsel when required.
  • Engage with data governance programs on data handling best practices.
  • Manage and provide advice on the data governance and protection impact assessment process, data use agreements, and data management plans.
  • Advise clients on best practices related to data governance, including AI.
  • Advise on agreements and other documents related to technology, AI, data privacy, data sharing, and information security.
  • Interface with university stakeholders to support compliant data processing procedures and guidance.
  • Perform other related duties as assigned.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

Ph.D. or professional degree

© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service