Global Privacy & Data Protection Leader – Innovative Medicine (IM) Sector

Crucially, this role will also champion innovative and ethical uses of data across the sector – ensuring privacy leaders not only protect the company, but actively enable new models of patient engagement, drug discovery, and product development that strengthen health outcomes and accelerate scientific progress.

This role reports directly to the Chief Privacy Officer and maintains a strong, influential partnership with IM Executives, representing the privacy function across global, regional, and market‑level leadership forums.

Key Responsibilities

Global Leadership & Strategic Accountability

• Provide end‑to‑end global oversight of Privacy & Data Protection for the Innovative Medicine (IM) Sector, ensuring robust governance, compliance, and risk management across all business units and geographies.

• Serve as the senior-most privacy leader for the IM Sector, representing the function to sector executives and leadership teams globally, regionally, and within markets.

• Define and drive the IM privacy strategy in alignment with Johnson & Johnson’s broader privacy, risk, and compliance priorities, ensuring business-aligned solutions that enable innovation while safeguarding data.

• Promote innovative and ethical uses of data to drive better health outcomes – ensuring privacy leadership actively enables new forms of patient engagement, advances in drug discovery, and data‑driven product development, not merely compliance protection.

Team Leadership & Operating Model Oversight

• Lead and develop a global team of senior Privacy leaders organized by major regions and global support capabilities ensuring they have the drive for excellence, capabilities, structure, and support required to manage regional privacy obligations.

• Oversee and optimize a leveraged network of Privacy Stewards embedded in business units across markets, ensuring consistent execution of privacy responsibilities and adherence to global standards and processes.

• Build a high‑performance culture emphasizing accountability, collaboration, subject‑matter excellence, and continuous improvement.

Executive Engagement & Strategic Guidance

• Partner with senior leaders at all levels to provide expert strategic guidance regarding the implications of global privacy laws, regulatory changes, and evolving risk landscapes.

• Offer practical, business‑oriented recommendations and guidance during design, deployment, and scaling of IM initiatives, digital transformations, AI programs, data‑driven products, and scientific collaborations.

• Serve as a catalyst for innovative data enablement – helping leadership leverage data responsibly to transform patient experiences, accelerate scientific insight, and fuel next‑generation medical advances.

Interaction with the Global Privacy Organization (GPO)

• Represent IM’s privacy needs and priorities within the Global Privacy Organization (GPO), collaborating closely with the enterprise privacy back office and center‑of‑excellence teams.

• Ensure IM sector demand, novel use cases, and operational requirements are triaged effectively, adhere to GPO’s documented policies, standards and processes, and receive accurate and timely guidance from GPO teams.

• Oversee the translation of recurring use cases into codified Specifications within the global Privacy Rulebook, ensuring consistency, clarity, and scalable operationalization.

Enterprise and Cross‑Functional Leadership

• Serve as a key member of the GPO Leadership Team, contributing to the enterprise privacy strategy, operating model modernization, and long‑term transformation initiatives.

• Champion the organization’s modernization mandate by driving initiatives that enhance simplicity, agility, speed, and effectiveness in privacy operations.

• Collaborate cross‑functionally with Legal, Compliance, IT, Cybersecurity, Data Science, IM Business, Quality, and Supply Chain to embed privacy into end‑to‑end business processes.

• Represent the Privacy function in appropriate external engagements with industry groups, think tanks, and regulators, as appropriate and aligned with the GPO External Engagement Strategy.

Governance, Risk Management & Compliance

• Oversee privacy risk assessments, regulatory readiness, incident response support, and the development of remediation strategies.

• Ensure consistent accountability for compliance across IM with J&J Policies & Standards and global privacy laws (e.g., GDPR, LGPD, PIPL, HIPAA, federal/state laws, and emerging regulations).

• Serve as a trusted advisor during interactions with regulatory bodies, auditors, and external partners when needed.

• Serve as a subject matter expert and provide appropriate support throughout A&D processes.

Job Qualifications, Education & Experience

Education

• Juris Doctor (JD) degree required.

• Concentration or advanced study in law, privacy, data protection, information governance, cybersecurity, public policy, or a related discipline strongly preferred.

Professional Experience

• Minimum of 12+ years of progressive experience in privacy, data protection, legal, compliance, or data governance roles within a complex, global organization.

• Significant experience operating at the enterprise or sector executive level, with accountability for global privacy strategy, governance, and regulatory compliance across multiple regions and jurisdictions.

• Demonstrated experience leading privacy and data protection programs within highly regulated, technology‑enabled environments, including pharmaceutical, life sciences, digital health, or adjacent industries.

• Proven track record of shaping and executing multi‑year privacy strategies that balance regulatory compliance, patient and customer trust, and business innovation.

• Experience partnering with executive leadership, including Sector Leaders, Executive Committees, and Board‑adjacent forums, to influence strategy and guide risk‑balanced decision‑making.

• Hands‑on experience supporting or overseeing major transformation initiatives, including modernization of operating models, simplification of processes, and scaling of global privacy services.

• Experience engaging with regulators, auditors, and external stakeholders, including preparation for regulatory inquiries, inspections, or audits.

• Exposure to mergers, acquisitions, and divestitures, including privacy due diligence, integration, and separation activities.

Privacy & Technical Expertise

• Deep expertise in global privacy and data protection laws and frameworks, including but not limited to GDPR, LGPD, PIPL, HIPAA, U.S. state privacy laws, and emerging global regulations.

• Strong understanding of complex data ecosystems, including software‑enabled services, data science environments, AI‑enabled solutions, digital platforms, and advanced analytics.

• Demonstrated ability to operationalize privacy requirements through governance, policies, standards, processes, and scalable operating models.

• Strong command of privacy‑by‑design principles and their application in product quality environments, product development, digital innovation, and patient engagement models.

Leadership & Organizational Capabilities

• Proven people leader with experience building, leading, and developing high‑performing global teams, including both direct reports and extended networks (e.g., embedded Privacy Stewards).

• Demonstrated ability to lead in highly matrixed environments, influencing without authority and aligning diverse stakeholders toward shared outcomes.

• Strong change leadership skills, with a history of successfully driving organizational transformation and cultural adoption.

• Exceptional executive communication and influencing skills, with the ability to translate complex privacy and regulatory concepts into clear, actionable business guidance.

Professional Attributes

• Strategic, forward‑thinking leader with strong business acumen and a pragmatic approach to risk management.

• Collaborative and trusted advisor mindset, operating effectively across Legal, Technology, IM Business, Digital, Quality, and Supply Chain functions.

• Demonstrated commitment to ethical data use, patient trust, and Johnson & Johnson’s Credo values.

• Results‑oriented, resilient, and capable of operating confidently in fast‑moving, ambiguous, and evolving environments.

Ideal Candidate Profile

A forward‑thinking, business‑savvy privacy executive with deep expertise, strong global leadership experience, and a proven ability to operate successfully at the highest levels of Johnson & Johnson. This leader brings strategic clarity, operational excellence, and a collaborative mindset, combining strong privacy stewardship with innovative thinking to ethically unlock data-driven insights that improve patient outcomes. They understand that privacy is not only a protective discipline but also a catalyst for responsible innovation, enabling new ways of patient engagement, breakthrough drug discovery, and next‑generation product development across the Innovative Medicine Sector.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson and Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center (ra-employeehealthsup@its.jnj.com) or contact AskGS to be directed to your accommodation resource.
 

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

• Belgium - Requisition Number: R-077559

• US- Requisition Number: R-077818

Remember, whether you apply to one or all of these requisition numbers, your applications will be considered as a single

submission.