Data Protection Privacy Jobs (NOW HIRING)

At Johnson & Johnson,we believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented, treated, and cured,where treatments are smarter and less invasive, andsolutions are personal.Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.Learn more at jnj.com

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Legal & Compliance

Job Sub Function:

Enterprise Compliance

Job Category:

People Leader

All Job Posting Locations:

New Brunswick, New Jersey, United States of America

Job Description:

We are searching for the best talent for a Director, Privacy & Data Protection - Americas to be based in New Brunswick, NJ; Sao Paulo, Brazil; or Bogota, Colombia.

About Innovative Medicine

Our expertise in Innovative Medicine is informed and inspired by patients, whose insights fuel our science-based advancements. Visionaries like you work on teams that save lives by developing the medicines of tomorrow.

Join us in developing treatments, finding cures, and pioneering the path from lab to life while championing patients every step of the way.

Learn more at https://www.jnj.com/innovative-medicine

Purpose: The Director, Privacy & Data Protection for the Americas region serves as the senior regional privacy leader for Johnson & Johnson's IM Sector. This role provides strategic leadership, governance, and operational excellence across all privacy and data protection activities in the region. The Director ensures compliance with diverse Americas privacy laws, drives adoption of Johnson & Johnson's global Privacy Policies and Rulebook, and enables responsible data innovation across IM Commercial, Clinical, R&D, Digital Surgery/Robotics, and connecteddevice environments.

In carrying out its responsibility for ensuring privacy compliance, the Director leads a large, distributed network of named Privacy Stewards across IM Commercial, Clinical, and R&D functions throughout the Americas, with responsibility for execution of privacy requirements at the market level.

The role includes one direct report-a Senior Manager responsible for privacy leadership in the Latin America (LATAM) subregion.

This position reports to the Global Privacy & Data Protection Leader for the IM Sector and serves as a key contributor within the regional IM leadership ecosystem.

You will be responsible for:

Regional Leadership & Strategic Accountability

• Serve as the senior regional privacy executive for IM across the Americas, responsible for strategic leadership, directionsetting, and regulatory oversight.
• Translate the global IM privacy strategy into an Americas regional execution plan aligned with business priorities and legal requirements.
• Oversee daytoday privacy operations across the region, including governance, risk management, escalations, and regulatory engagement.
• Promote ethical, responsible, and innovative data use across IM Commercial, Clinical, R&D, Robotics, Digital, and connecteddevice programs.
• Represent privacy at regional leadership forums and partner with senior leaders across Commercial, Clinical, R&D, Technology, Quality, Supply Chain, and Medical Affairs.

Leadership of the Americas Privacy Operating Model

• Lead and develop regional and subregional privacy leaders across the Americas region.
• Manage one direct report-a Senior Manager for Latin America (LATAM)-providing coaching, strategic direction, and performance management.
• Establish governance routines, operating mechanisms, prioritization processes, and performance standards to ensure effective regional execution.

Direct Leadership of IM Privacy Stewards (Commercial, Clinical & R&D)

• Establish a community and oversee a large network (approximately 130) of named Privacy Stewards embedded in IM Commercial, Clinical, and R&D organizations across the Americas.
• Provide active support for PFDS deployment.
• Monitor Self-Assessment results and sharing of best practices across teams.
• Define Steward responsibilities, operational expectations, capabilitybuilding requirements, and quality standards.
• Act as the primary escalation point for Stewardraised risks, issues, or crossborder complexities.
• Ensure consistent implementation of the Privacy Policy, Rulebook, Specifications, and Global Privacy Organization (GPO) processes across all of the Americas markets.
• Drive maturity, operational consistency, and continuous improvement in the Steward community.

Strategic Business Partnership & Executive Guidance

• Establish a channel with the Business to communicate impactful regulatory changes and set compliance strategies.
• Provide expert privacy and dataethics guidance to leaders across IM Commercial, R&D, Clinical, Digital Surgery/Robotics, Data Science, Technology, and Medical Affairs.
• Privacy Assessment approvals (i.e. XIA) for all medium and high-risk data processing.
• Embed privacybydesign in product development, clinical research, digital platforms, connected devices, IoT systems, imaging technologies, and analytics programs.
• Deliver practical, businessfocused guidance on risk mitigation, regulatory interpretation, and complex privacy decision-making; and, as appropriate, document this guidance with a Rulebook Specification.
• Monitor and advise on emerging privacy, AI, digitalhealth, and clinicaldata regulations across the Americas.

Engagement with the Global Privacy Organization (GPO)

• Represent the Americas region in global privacy leadership forums, ensuring alignment with global privacy strategy, policies, modernization initiatives, and enterprise processes.
• Work closely with Privacy Centers of Excellence, backoffice teams, and governance groups to implement globally consistent solutions and recommend and drive enhancements that meet IM's regional needs.
• Contribute to privacyrelated transformation initiatives to enhance operational simplicity, agility, and scalability.
• Support the translation of recurring IM Americas privacy use cases into global Specifications and playbooks.

Governance, Risk Management, Compliance & Regulatory Interaction

• Lead regional governance routines, privacy reviews, reporting mechanisms, and riskmanagement processes.
• Participation in periodic Management Reviews of Privacy Self-Assessment results by the Business.
• Oversee DPIAs, Legitimate Interest Assessments, highrisk processing reviews, incident response, and remediation activities.
• Ensure compliance with GDPR, UK GDPR, national privacy laws, AI regulations, digitalhealth frameworks, and emerging requirements relevant to IM operations.
• Provide privacy leadership during acquisitions, integrations, and divestitures within the IM Sector in the Americas.
• Support regulatory inquiries, audits, and consultations across the Americas markets.

Qualifications/Requirements:

Technical Expertise

• Strong expertise in GDPR, UK GDPR, and major Americas data protection laws.
• Deep knowledge of IM environments, including clinical data, product lifecycle data, and commercial data environments.
• Experience with privacybydesign, data governance, AI/ML governance, and crossborder data mechanisms.

Leadership

• Proven ability to lead complex privacy programs across multinational, matrixed organizations.
• Strong executive influence and strategic advisory experience across technical, clinical, and commercial functions.

People Leadership

• Demonstrated success leading large, distributed teams and extended steward networks.
• Strong coaching, mentoring, and talentdevelopment capabilities.

Stakeholder Management

• Exceptional communication, relationshipbuilding, and facilitation skills.
• Ability to translate complex regulatory requirements into clear, actionable business guidance.

Business Acumen

• Strong understanding of IM business models, connecteddevice ecosystems, clinical operations, product development lifecycles, and digital transformation.
• Demonstrated ability to drive modernization and enable responsible, innovative uses of data.

Ideal Candidate Profile:

A strategic, collaborative privacy leader with deep IM business understanding, strong regulatory expertise, and a track record of navigating complex technical, clinical, and commercial environments. The ideal candidate demonstrates operational excellence, strategic clarity, strong people leadership, and the ability to responsibly enable datadriven innovation across the Americas region.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center (ra-employeehealthsup@its.jnj.com) or contact AskGS to be directed to your accommodation resource.

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

Brazil & Colombia - Requisition Number: R-078276

Remember, whether you apply to one or all of these requisition numbers, your applications will be considered as a single submission.

Required Skills:

Preferred Skills:

Audit and Compliance Trends, Audit Findings and Recommendations, Compliance Management, Compliance Policies, Compliance Risk, Confidentiality, Consulting, Controls Compliance, Developing Others, Inclusive Leadership, Leadership, Legal Function, Legal Services, Policy Development, Risk Management Framework, Tactical Planning, Team Management

The anticipated base pay range for this position is :

$150,000.00 - $258,750.00

Additional Description for Pay Transparency:

Subject to the terms of their respective plans, employees are eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)).
This position is eligible to participate in the Company's long-term incentive program.
Subject to the terms of their respective policies and date of hire, employees are eligible for the following time off benefits:
Vacation -120 hours per calendar year
Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado -48 hours per calendar year; for employees who reside in the State of Washington -56 hours per calendar year
Holiday pay, including Floating Holidays -13 days per calendar year
Work, Personal and Family Time - up to 40 hours per calendar year
Parental Leave - 480 hours within one year of the birth/adoption/foster care of a child
Bereavement Leave - 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
Caregiver Leave - 80 hours in a 52-week rolling period10 days
Volunteer Leave - 32 hours per calendar year
Military Spouse Time-Off - 80 hours per calendar year
For additional general information on Company benefits, please go to: https://www.careers.jnj.com/employee-benefits