Senior Director, Privacy Officer

About The Position

Requirements

• Education: Juris Doctorate
• Minimum 12–15 years of progressive experience in privacy, data protection, compliance, or related roles.
• At least 5 years in a leadership role with global or enterprise-wide privacy program oversight.
• Demonstrated experience within the pharmaceutical, biotechnology, or healthcare industry, including familiarity with clinical data, patient privacy, and pharmacovigilance requirements.
• Deep understanding of global privacy and data protection frameworks and regulations (including, GDPR, CCPA and other US state laws).
• Experience managing program budget.
• Strong leadership and influencing skills across cultures and business functions.
• Excellent judgment and ability to translate legal and regulatory concepts into actionable business strategies.
• Exceptional communication, presentation, and stakeholder engagement skills.
• Experience supporting commercial teams and supporting them to meet privacy objectives by advising on privacy requirements.
• Experience working with clinical management initiatives and reviewing Informed Consent requirements and regulatory submissions.
• Experience supporting Patient Support Programs.

Nice To Haves

• Certifications: One or more recognized certifications (e.g., CIPP/E, CIPP/US, CIPM, CIPT) required experience/knowledge of CNS marketplace
• Working knowledge of OneTrust.
• Experience engaging directly with global regulatory authorities (as appropriate)
• Track record of leading privacy programs in highly regulated, research-intensive, and digital transformation environments.

Responsibilities

• Develop and lead the company’s privacy and data protection strategy, ensuring alignment with corporate risk management and compliance frameworks.
• Serve as the principal advisor to senior management and the Board on privacy risks, trends, and regulatory developments.
• Lead and manage a privacy team, fostering cross-functional collaboration with Legal, IT, R&D, HR, Clinical, Commercial, and Compliance teams.
• From time to time, the Privacy Officer will act as a consultative resource and provide strategic and operational privacy support affiliates, assisting with implementation of global policies, adaptation to local regulatory requirements, and resolution of privacy-related issues.
• Design, implement, and continuously enhance the privacy compliance program, including policies, procedures, training, and governance mechanisms to Promote compliance with state, federal and international privacy laws.
• Align with Global Privacy Office initiatives.
• Oversee data privacy impact assessments (DPIAs), records of processing activities, and other regulatory documentation.
• Ensure integration of privacy by design and default into product development, research programs, and digital initiatives.
• Work with global cross-border data transfer mechanisms and contractual safeguards (e.g., SCCs, BCRs).
• Monitor and interpret global and US federal and state privacy laws and regulations (e.g., GDPR, CCPA and other state regulations, HIPAA) and advise on implications for the company’s operations.
• Manage relationships with data protection authorities (as appropriate) and coordinate responses to privacy-related inquiries, audits, and investigations.
• Lead the response to data incidents or breaches, including investigation, containment, notification, and remediation in collaboration with cybersecurity and legal teams.
• Champion a privacy-aware culture across the organization through ongoing communication, education, and training initiatives.
• Develop tools and guidance to empower employees to incorporate privacy considerations into daily operations.
• Partner with Compliance Training team to provide privacy training to various stakeholder groups.
• Partner with IT, Cybersecurity, and Data Governance functions to ensure alignment between privacy, security, and information management programs.
• Support due diligence and integration for mergers, acquisitions, and partnerships involving personal data processing.
• Establish and monitor KPIs and metrics to assess program maturity and continuous improvement.
• Partner with the Compliance team to regularly assess the effectiveness of the privacy program, overseeing periodic privacy risk assessments and implementation of corrective action plans
• Assist in auditing processes to monitor privacy related activities
• Support AI and AI Council initiatives.

Benefits

• Comprehensive medical, dental, vision, prescription drug coverage, company provided basic life, accidental death & dismemberment, short-term and long-term disability insurance, tuition reimbursement, student loan assistance, a generous 401(k) match, flexible time off, paid holidays, and paid leave programs as well as other company provided benefits.