VP, Chief Privacy Officer, Orthopedics

at Johnson & Johnson

Location

3 Locations

Compensation

$199k–$367k USD

Posted

Today

Save to queue

Market range · company + function + seniority

$177k—$213k—$259k

p25 · target · p75 · n=14

Posted $367k · well above market

Tailor your résumé to this role in 30 seconds.

Free account · ATS keyword check · per-job bullet rewrite by Claude.

Tailor my résumé Apply on company site

Job description

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Legal & Compliance

Job Sub Function:

Enterprise Compliance

Job Category:

People Leader

All Job Posting Locations:

Amersfoort, Utrecht, Netherlands, Diegem, Flemish Brabant, Belgium, London, United Kingdom, Raritan, New Jersey, United States of America, Raynham, Massachusetts, United States of America, Ringaskiddy, Cork, Ireland, Umkirch, Germany, West Chester, Pennsylvania, United States of America, Zug, Switzerland

Job Description:

Johnson & Johnson announced plans to separate our Orthopaedics business to establish a standalone orthopaedics company, operating as DePuy Synthes. The process of the planned separation is anticipated to be completed within 18 to 24 months, subject to legal requirements, including consultation with works councils and other employee representative bodies, as may be required, regulatory approvals and other customary conditions and approvals. Should you accept this position, it is anticipated that, following conclusion of the transaction, you would be an employee of DePuy Synthes and your employment would be governed by DePuy Synthes employment processes, programs, policies, and benefit plans. In that case, details of any planned changes would be provided to you by DePuy Synthes at an appropriate time and subject to any necessary consultation processes.

Job Overview

The VP, Chief Privacy Officer (CPO) provides enterprise‑wide leadership for privacy strategy, governance, and compliance across DePuy Synthes. This role plays a critical part in protecting patient, customer, employee, and business data while enabling innovation and growth in a highly regulated global healthcare environment. The CPO partners closely with Legal, IT, Cybersecurity, R&D, Commercial, and Operations leaders to embed privacy‑by‑design principles into products, systems, marketing and other business processes. This is a high‑impact leadership role with direct influence on trust, reputation, and regulatory readiness as DePuy Synthes operates as a standalone company.

Key Responsibilities

Set and execute the global privacy strategy, policies, and governance framework for DePuy Synthes.

Ensure compliance with global privacy, data protection and cybersecurity laws and regulations (including, e.g., GDPR, U.S. state privacy laws, digital product standards and laws and other applicable international requirements).

Serve as the primary executive leader for privacy risk management, including oversight of privacy impact assessments and mitigation plans.

Partner with Legal, R&D, Cybersecurity, and Technology teams to integrate privacy‑by‑design and privacy‑by‑default into systems, products, and digital initiatives.

Monitor new and proposed privacy laws and regulations and provide strategic guidance to senior leaders and the Board on privacy risks, trends, and regulatory developments.

Lead and develop a global privacy organization, including talent development and succession planning, to operationalize privacy requirements and to promote a strong culture of privacy and data protection.

Oversee privacy contracting practices to ensure compliance with applicable laws, guidelines and best practices.

Direct the development and implementation of a company-wide privacy training program, including the institution and instruction of named privacy stewards in the relevant functions.

Together with Cybersecurity, oversee privacy incident response, investigations, and support regulatory interactions as needed.

Working together with Government Affairs, develop and maintain trusted relationships with data protection commissioners and government enforcement agencies and execute a strategy for impacting the evolving privacy laws affecting the company.

Qualifications

Education

JD in the United States or in a European jurisdiction.

Experience and Skills

Required:

Typically requires 14+ years of progressive experience in privacy, data protection, cybersecurity, or related risk functions including in private practice or within a complex, global organization in a healthcare field (e.g., hospital system, medical device or medtech company, pharmaceutical industry).

Demonstrated expertise interpreting and applying global privacy regulations in a regulated industry, including GDPR and the U.S. federal and state privacy laws, including HIPAA, and relevant FDCA regulations.

Experience advising senior executives on privacy strategy and enterprise risk.

Demonstrated ability to build, operationalize, and improve processes and high-performing teams.

Proven ability to lead global, cross‑functional teams and influence without direct authority.

Strong strategic thinking, judgment, and decision‑making capabilities.

Preferred:

Prior experience supporting or managing a data incident management and response process, including data subject and regulatory enforcement agency notifications.

Background partnering with information systems, cybersecurity, and digital technology teams.

Experience supporting business transformation or operating‑model changes.

Degree in Information Systems, Master of Business Administration or Master of Public Policy a plus.

Other:

Travel: Up to 20%, domestic and international.

Language: Fluency in English required; additional languages a plus.

Certifications such as CIPP, CIPM, or equivalent preferred.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via https://www.jnj.com/contact-us/careers, internal employees contact AskGS to be directed to your accommodation resource.

#LI-Hybrid

#DePuySynthesCareers

Required Skills:

Preferred Skills:

Audit and Compliance Trends, Compliance Frameworks, Compliance Management, Compliance Policies, Compliance Risk, Consulting, Controls Compliance, Corporate Compliance Helpline Administration, Developing Others, Fact-Based Decision Making, Inclusive Leadership, Leadership, Legal Function, Legal Services, Risk Management, Standard Operating Procedure (SOP), Tactical Planning

The anticipated base pay range for this position is :

$199,000.00 - $366,850.00

Additional Description for Pay Transparency:

Subject to the terms of their respective plans, employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
This position is eligible to participate in the Company’s long-term incentive program.
Subject to the terms of their respective policies and date of hire, employees are eligible for the following time off benefits:
• Vacation –120 hours per calendar year
• Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
• Holiday pay, including Floating Holidays –13 days per calendar year
• Work, Personal and Family Time - up to 40 hours per calendar year
• Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
• Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
• Caregiver Leave – 80 hours in a 52-week rolling period10 days
• Volunteer Leave – 32 hours per calendar year
• Military Spouse Time-Off – 80 hours per calendar year

For additional general information on Company benefits, please go to: - https://www.careers.jnj.com/employee-benefits

More open roles at Johnson & Johnson

Hiring velocity, headcount trend, and every open posting on one page.

View Johnson & Johnson profile →

Similar roles

Open postings ranked by description similarity — useful if this role isn't quite right.