Executive Director, Global Privacy & Data Protection

Madrigal PharmaceuticalsMA – Massachusetts – Remote, MA
$313,000 - $360,000Hybrid

About The Position

Madrigal is a biopharmaceutical company focused on delivering novel therapeutics for metabolic dysfunction-associated steatohepatitis (MASH), a serious liver disease that can progress to cirrhosis, liver failure, need for liver transplantation and premature mortality. Every member of our Madrigal team is connected by our shared purpose: leading the fight against MASH. Madrigal’s medication, Rezdiffra (resmetirom), is a once-daily, oral, liver-directed THR-β agonist designed to target key underlying causes of MASH. Rezdiffra is the first and only medication approved by both the FDA and European Commission for the treatment of MASH with moderate to advanced fibrosis (F2 to F3). An ongoing Phase 3 outcomes trial is evaluating Rezdiffra for the treatment of compensated MASH cirrhosis (F4c). Our success is driven by our people. We are building a dynamic, inclusive, and high-performing culture that values scientific excellence, operational rigor, and collaboration. To support our continued growth, we are strengthening our workforce strategy to ensure we have the right talent, at the right time, in the right way. We are seeking an experienced and business-minded Privacy & Data Protection attorney to lead and support our global privacy, data protection, and AI initiatives. This role will play a critical part in ensuring compliance with global and U.S. privacy laws while advising on the responsible use of data, emerging technologies, and artificial intelligence. The ideal candidate combines legal expertise with practical experience in privacy, data governance, cybersecurity, IT systems, and AI-driven products or services. The ideal candidate will demonstrate sound judgment, discretion, and an ability to operate independently in a dynamic, fast-paced, international workforce.

Requirements

  • Juris Doctor (JD) from an accredited U.S. law school
  • Active bar membership in at least one U.S. jurisdiction
  • 12+ years of relevant experience in privacy, data protection, or technology law (law firm and/or in-house)
  • Strong knowledge of global and U.S. privacy laws and regulatory frameworks
  • Experience advising on IT systems, data architecture, and cybersecurity practices
  • Familiarity with AI technologies and associated legal and ethical considerations
  • Proven ability to work cross-functionally with technical and business teams
  • Excellent drafting, negotiation, and communication skills

Nice To Haves

  • Prior in-house experience at a publicly traded pharmaceutical or health care company
  • Background in technology, computer science, or information systems (or equivalent practical experience)
  • Familiarity with AI governance frameworks and emerging regulations

Responsibilities

  • Provide legal advice on international and U.S. privacy laws, including but not limited to consumer data protection, employee data, and marketing practices
  • Lead compliance efforts related to U.S. laws such as CCPA/CPRA, HIPAA, and other laws and privacy/data security frameworks
  • Partner closely with IT, Security, Product, and Data teams to ensure privacy-by-design and security-by-design principles are embedded into systems and workflows
  • Advise on legal and regulatory considerations related to artificial intelligence, including data usage, model training, automated decision-making, and bias mitigation
  • Draft, review, and negotiate privacy-related agreements, including data processing agreements (DPAs), vendor contracts, and cross-border data transfer mechanisms
  • Develop, implement, and maintain privacy policies, training, notices, and internal governance frameworks
  • Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs)
  • Monitor and interpret new and emerging privacy, cybersecurity, and AI regulations, and translate them into actionable business guidance
  • Support response efforts related to potential data breach incidents and cybersecurity events
  • Provide training and awareness programs for internal stakeholders on privacy and data protection best practices
  • Perform other duties and responsibilities as may be required

Benefits

  • flexible paid time off
  • medical, dental, vision and life/disability insurance
  • 401(k) offerings (i.e., traditional, Roth, and employer match)
  • supplemental life insurance
  • legal services
  • mental health benefits through our Employee Assistance Program

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Executive

Education Level

Ph.D. or professional degree

© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service