Global Privacy Officer

Role Summary

Reporting to the Chief Ethics and Compliance Officer, the Global Privacy Officer is a senior member of the Ethics, Compliance, and Privacy department responsible for developing, implementing, and continuously enhancing the global privacy program in alignment with regulatory requirements and industry best practices. The role leads a team of privacy professionals, collaborates across Finance, IT, ERM, HR, Legal, and other functions, and engages external advisors as needed to support the company’s objectives. The Global Privacy Officer possesses broad knowledge of privacy laws across the US, UK, EU, and other jurisdictions, designs comprehensive privacy programs for a pharmaceutical company with active R&D, and identifies privacy risks with effective mitigation strategies. The position works autonomously while collaborating across functions and departments and is committed to ethical decision-making.

Responsibilities

• Leads a team of privacy professionals to support the organization’s strategic objectives in compliance, ethics, and privacy by developing, implementing, and maintaining a global privacy program aligned with regulatory requirements and industry best practices.
• Serves as a key point of contact for privacy authorities in the US, UK, and EU as necessary; identifies privacy risk and designs mitigation strategies.
• Oversees data protection impact assessments (DPIAs), privacy risk assessments, and third‑party vendor evaluations; designs mitigation strategies as needed.
• Collects and analyzes data with the Senior Compliance Officer to detect emerging risk areas, deficient controls, or non-compliance; prepares reports/dashboards for stakeholders.
• Drafts global privacy policies, designs and delivers global privacy training programs for employees, contractors, and partners; leads investigations and responses to data breaches and privacy incidents, including regulatory reporting and remediation as needed.
• Promotes a privacy-first culture through ongoing education and engagement.
• Manages processes for handling data subject access requests (DSARs), consent management, and individual rights under GDPR and other laws.
• Leads cross-functional efforts to ensure compliance across R&D, clinical trials, marketing, HR, and digital platforms.
• Serves as a key member of the Ethics, Compliance, and Privacy lead team, coordinating with other leads to drive consistency in compliance and ethics across the company.
• Stays informed on new laws, regulations, and industry trends and ensures updates are reflected in the global privacy program.
• Assists Ethics, Compliance, and Privacy Department colleagues with projects outside primary responsibilities to achieve objectives and maintain a collaborative environment.

Qualifications

• 10–12 years of relevant pharmaceutical privacy experience in-house, with expertise in managing a global privacy program for a multinational organization.
• Law degree preferred, but not required.
• Deep understanding of global privacy regulations and their practical application.
• Experience managing privacy incidents and/or data breaches.
• Solid judgment and business acumen, with understanding of multinational pharmaceutical operations.
• Strong knowledge of privacy laws and regulations governing the pharmaceutical or healthcare industry in the US and internationally, including patient and employee data requirements.
• Experience working across multiple functions and geographies with a strong customer service orientation.
• Excellent communication skills, self-motivated, efficient, and able to manage a heavy workload; collaborative team player.
• Ability to work accurately with urgency and operate effectively in a fast-paced, dynamic environment.
• Strong interpersonal skills, diplomacy, flexibility, collaboration, and ability to interface across all levels and external parties; adaptable to diverse cultures.
• Effective management skills, capable of fostering enthusiasm, creativity, collaboration, and a positive team culture.

Additional Requirements

• Travel required