Skip to main content

Learn about our healthcare areas

Explore medicine and therapy products
Explore MedTech products

Find our latest news, stories and press releases

Delivering long-term value for our stakeholders

Explore career opportunities and more

Impacting health for humanity

Search Results

No Matching Results

    Recently Viewed

    Listening...

    Sorry, I don't understand. Please try again
    Legal & Compliance São Paulo / Bogotá Distrito Capital / Brazil / Colombia

    Director, Privacy & Data Protection - Americas

    Apply now
    Share
    Download (1)

    Description

    At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.

    As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

    Job Function:

    Legal & Compliance

    Job Sub Function:

    Enterprise Compliance

    Job Category:

    People Leader

    All Job Posting Locations:

    Bogotá, Distrito Capital, Colombia, São Paulo, Brazil

    Job Description:

    We are searching for the best talent for a Director, Privacy & Data Protection - Americas to be based in New Brunswick, NJ; Sao Paulo, Brazil; or Bogota, Colombia.

    About Innovative Medicine

    Our expertise in Innovative Medicine is informed and inspired by patients, whose insights fuel our science-based advancements. Visionaries like you work on teams that save lives by developing the medicines of tomorrow.

    Join us in developing treatments, finding cures, and pioneering the path from lab to life while championing patients every step of the way.

    Learn more at https://www.jnj.com/innovative-medicine

    Purpose: The Director, Privacy & Data Protection for the Americas region serves as the senior regional privacy leader for Johnson & Johnson’s IM Sector. This role provides strategic leadership, governance, and operational excellence across all privacy and data protection activities in the region. The Director ensures compliance with diverse Americas privacy laws, drives adoption of Johnson & Johnson’s global Privacy Policies and Rulebook, and enables responsible data innovation across IM Commercial, Clinical, R&D, Digital Surgery/Robotics, and connected‑device environments.

    In carrying out its responsibility for ensuring privacy compliance, the Director leads a large, distributed network of named Privacy Stewards across IM Commercial, Clinical, and R&D functions throughout the Americas, with responsibility for execution of privacy requirements at the market level.

    The role includes one direct report—a Senior Manager responsible for privacy leadership in the Latin America (LATAM) sub‑region.

    This position reports to the Global Privacy & Data Protection Leader for the IM Sector and serves as a key contributor within the regional IM leadership ecosystem.

    You will be responsible for:

    Regional Leadership & Strategic Accountability

    • Serve as the senior regional privacy executive for IM across the Americas, responsible for strategic leadership, direction‑setting, and regulatory oversight.

    • Translate the global IM privacy strategy into an Americas regional execution plan aligned with business priorities and legal requirements.

    • Oversee day‑to‑day privacy operations across the region, including governance, risk management, escalations, and regulatory engagement.

    • Promote ethical, responsible, and innovative data use across IM Commercial, Clinical, R&D, Robotics, Digital, and connected‑device programs.

    • Represent privacy at regional leadership forums and partner with senior leaders across Commercial, Clinical, R&D, Technology, Quality, Supply Chain, and Medical Affairs.

    Leadership of the Americas Privacy Operating Model

    • Lead and develop regional and sub‑regional privacy leaders across the Americas region.

    • Manage one direct report—a Senior Manager for Latin America (LATAM)—providing coaching, strategic direction, and performance management.

    • Establish governance routines, operating mechanisms, prioritization processes, and performance standards to ensure effective regional execution.

    Direct Leadership of IM Privacy Stewards (Commercial, Clinical & R&D)

    • Establish a community and oversee a large network (approximately 130) of named Privacy Stewards embedded in IM Commercial, Clinical, and R&D organizations across the Americas.

    • Provide active support for PFDS deployment.

    • Monitor Self-Assessment results and sharing of best practices across teams.

    • Define Steward responsibilities, operational expectations, capability‑building requirements, and quality standards.

    • Act as the primary escalation point for Steward‑raised risks, issues, or cross‑border complexities.

    • Ensure consistent implementation of the Privacy Policy, Rulebook, Specifications, and Global Privacy Organization (GPO) processes across all of the Americas markets.

    • Drive maturity, operational consistency, and continuous improvement in the Steward community.

    Strategic Business Partnership & Executive Guidance

    • Establish a channel with the Business to communicate impactful regulatory changes and set compliance strategies.

    • Provide expert privacy and data‑ethics guidance to leaders across IM Commercial, R&D, Clinical, Digital Surgery/Robotics, Data Science, Technology, and Medical Affairs.

    • Privacy Assessment approvals (i.e. XIA) for all medium and high-risk data processing.

    • Embed privacy‑by‑design in product development, clinical research, digital platforms, connected devices, IoT systems, imaging technologies, and analytics programs.

    • Deliver practical, business‑focused guidance on risk mitigation, regulatory interpretation, and complex privacy decision-making; and, as appropriate, document this guidance with a Rulebook Specification.

    • Monitor and advise on emerging privacy, AI, digital‑health, and clinical‑data regulations across the Americas.

    Engagement with the Global Privacy Organization (GPO)

    • Represent the Americas region in global privacy leadership forums, ensuring alignment with global privacy strategy, policies, modernization initiatives, and enterprise processes.

    • Work closely with Privacy Centers of Excellence, back‑office teams, and governance groups to implement globally consistent solutions and recommend and drive enhancements that meet IM’s regional needs.

    • Contribute to privacy‑related transformation initiatives to enhance operational simplicity, agility, and scalability.

    • Support the translation of recurring IM Americas privacy use cases into global Specifications and playbooks.

    Governance, Risk Management, Compliance & Regulatory Interaction

    • Lead regional governance routines, privacy reviews, reporting mechanisms, and risk‑management processes.

    • Participation in periodic Management Reviews of Privacy Self-Assessment results by the Business.

    • Oversee DPIAs, Legitimate Interest Assessments, high‑risk processing reviews, incident response, and remediation activities.

    • Ensure compliance with GDPR, UK GDPR, national privacy laws, AI regulations, digital‑health frameworks, and emerging requirements relevant to IM operations.

    • Provide privacy leadership during acquisitions, integrations, and divestitures within the IM Sector in the Americas.

    • Support regulatory inquiries, audits, and consultations across the Americas markets.

    Qualifications/Requirements:

    Technical Expertise

    • Strong expertise in GDPR, UK GDPR, and major Americas data protection laws.

    • Deep knowledge of IM environments, including clinical data, product lifecycle data, and commercial data environments.

    • Experience with privacy‑by‑design, data governance, AI/ML governance, and cross‑border data mechanisms.

    Leadership

    • Proven ability to lead complex privacy programs across multinational, matrixed organizations.

    • Strong executive influence and strategic advisory experience across technical, clinical, and commercial functions.

    People Leadership

    • Demonstrated success leading large, distributed teams and extended steward networks.

    • Strong coaching, mentoring, and talent‑development capabilities.

    Stakeholder Management

    • Exceptional communication, relationship‑building, and facilitation skills.

    • Ability to translate complex regulatory requirements into clear, actionable business guidance.

    Business Acumen

    • Strong understanding of IM business models, connected‑device ecosystems, clinical operations, product development lifecycles, and digital transformation.

    • Demonstrated ability to drive modernization and enable responsible, innovative uses of data.

    Ideal Candidate Profile:

    A strategic, collaborative privacy leader with deep IM business understanding, strong regulatory expertise, and a track record of navigating complex technical, clinical, and commercial environments. The ideal candidate demonstrates operational excellence, strategic clarity, strong people leadership, and the ability to responsibly enable data‑driven innovation across the Americas region.

    Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

    Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center (ra-employeehealthsup@its.jnj.com) or contact AskGS to be directed to your accommodation resource.

    Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

    United States - Requisition Number: R-078024

    Remember, whether you apply to one or all of these requisition numbers, your applications will be considered as a single submission.

    Required Skills:

    Preferred Skills:

    Audit and Compliance Trends, Audit Findings and Recommendations, Compliance Management, Compliance Policies, Compliance Risk, Confidentiality, Consulting, Controls Compliance, Developing Others, Inclusive Leadership, Leadership, Legal Function, Legal Services, Policy Development, Risk Management Framework, Tactical Planning, Team Management

    Director, Privacy & Data Protection - Americas

    Apply now
    Share

    Not ready for a new role right now?

    No worries. Join our talent community and we’ll reach out when we post new jobs that may match your interests and skills so you can apply when the time is right.

    Sign up in 2 minutes
    Man reading on phone