Director, Privacy & Data Protection, Americas

• Job title Director, Privacy & Data Protection, Americas
• Function Legal & Compliance
• Sub function Enterprise Compliance
• Category Director, Enterprise Compliance (PL9)
• Location New Brunswick / United States of America
• Date posted May 22 2026
• Requisition number R-078026
• Work pattern Hybrid Work

This job posting is anticipated to close on May 29 2026. We may however extend this time period, in which case the posting will remain available on www.careers.jnj.com to accept additional applications.

Description

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

We are searching for the best talent for Director, Privacy & Data Protection, Americas to join our Global Legal Organization located in New Brunswick, NJ.

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

Colombia and Brazil - Requisition Number: R-078280

Remember, whether you apply to one or all of these requisition numbers, your applications will be considered as a single submission.

About MedTech

Fueled by innovation at the intersection of biology and technology, we’re developing the next generation of smarter, less invasive, more personalized treatments.

Your unique talents will help patients on their journey to wellness. Learn more at https://www.jnj.com/medtech

The Director, Privacy & Data Protection for the Americas region serves as the senior regional privacy leader for Johnson & Johnson’s MedTech Sector. This role provides strategic leadership, governance, and operational excellence across all privacy and data protection activities in the region. The Director ensures compliance with diverse Americas privacy laws, drives adoption of Johnson & Johnson’s global Privacy Policies and Rulebook, and enables responsible data innovation across MedTech Commercial, Clinical, R&D, Digital Surgery/Robotics, and connected‑device environments.

In carrying out its responsibility for ensuring privacy compliance, the Director leads a large, distributed network of named Privacy Stewards across MedTech Commercial, Clinical, and R&D functions throughout the Americas, with responsibility for execution of privacy requirements at the market level.

This position reports to the Global Privacy & Data Protection Leader for the MedTech Sector and serves as a key contributor within the regional MedTech leadership ecosystem.

Key Responsibilities

1. Regional Leadership & Strategic Accountability

• Serve as the senior regional privacy executive for MedTech across the Americas, responsible for strategic leadership, direction‑setting, and regulatory oversight.
• Translate the global MedTech privacy strategy into an Americas regional execution plan aligned with business priorities and legal requirements.
• Oversee day‑to‑day privacy operations across the region, including governance, risk management, escalations, and regulatory engagement.
• Promote ethical, responsible, and innovative data use across MedTech Commercial, Clinical, R&D, Robotics, Digital, and connected‑device programs.
• Represent privacy at regional leadership forums and partner with senior leaders across Commercial, Clinical, R&D, Technology, Quality, Supply Chain, and Medical Affairs.
  

2. Leadership of the Americas Privacy Operating Model

• Lead and develop regional and sub‑regional privacy leaders across the Americas region.
• Manage one direct report—a Senior Manager for Latin America (LATAM)—providing coaching, strategic direction, and performance management.
• Establish governance routines, operating mechanisms, prioritization processes, and performance standards to ensure effective regional execution.
  

3. Direct Leadership of MedTech Privacy Stewards (Commercial, Clinical & R&D)

• Establish a community and oversee a large network (approximately 130) of named Privacy Stewards embedded in MedTech Commercial, Clinical, and R&D organizations across the Americas.
• Provide active support for PFDS deployment.
• Monitor Self-Assessment results and sharing of best practices across teams.
• Define Steward responsibilities, operational expectations, capability‑building requirements, and quality standards.
• Act as the primary escalation point for Steward‑raised risks, issues, or cross‑border complexities.
• Ensure consistent implementation of the Privacy Policy, Rulebook, Specifications, and Global Privacy Organization (GPO) processes across all of the Americas markets.
• Drive maturity, operational consistency, and continuous improvement in the Steward community.
  

4. Strategic Business Partnership & Executive Guidance

• Establish a channel with the Business to communicate impactful regulatory changes and set compliance strategies.
• Provide expert privacy and data‑ethics guidance to leaders across MedTech Commercial, R&D, Clinical, Digital Surgery/Robotics, Data Science, Technology, and Medical Affairs.
• Privacy Assessment approvals (i.e. XIA) for all medium and high-risk data processing.
• Embed privacy‑by‑design in product development, clinical research, digital platforms, connected devices, IoT systems, imaging technologies, and analytics programs.
• Deliver practical, business‑focused guidance on risk mitigation, regulatory interpretation, and complex privacy decision-making; and, as appropriate, document this guidance with a Rulebook Specification.
• Monitor and advise on emerging privacy, AI, digital‑health, and clinical‑data regulations across the Americas.

5. Engagement with the Global Privacy Organization (GPO)

• Represent the Americas region in global privacy leadership forums, ensuring alignment with global privacy strategy, policies, modernization initiatives, and enterprise processes.
• Work closely with Privacy Centers of Excellence, back‑office teams, and governance groups to implement globally consistent solutions and recommend and drive enhancements that meet MedTech’s regional needs.
• Contribute to privacy‑related transformation initiatives to enhance operational simplicity, agility, and scalability.
• Support the translation of recurring MedTech Americas privacy use cases into global Specifications and playbooks.
  

6. Governance, Risk Management, Compliance & Regulatory Interaction

• Lead regional governance routines, privacy reviews, reporting mechanisms, and risk‑management processes.
• Participation in periodic Management Reviews of Privacy Self-Assessment results by the Business.
• Oversee DPIAs, Legitimate Interest Assessments, high‑risk processing reviews, incident response, and remediation activities.
• Ensure compliance with GDPR, UK GDPR, national privacy laws, AI regulations, digital‑health frameworks, and emerging requirements relevant to MedTech operations.
• Provide privacy leadership during acquisitions, integrations, and divestitures within the MedTech Sector in the Americas.
• Support regulatory inquiries, audits, and consultations across the Americas markets.
  

Qualifications & Experience

• A minimum of a Bachelor's degree is required.
  

Technical Expertise

• Strong expertise in GDPR, UK GDPR, and major Americas data protection laws.
• Deep knowledge of MedTech environments, including clinical data, product lifecycle data, device telemetry, robotics/digital surgery platforms, and connected devices.
• Experience with privacy‑by‑design, data governance, AI/ML governance, and cross‑border data mechanisms.
  

Leadership

• Proven ability to lead complex privacy programs across multinational, matrixed organizations.
• Strong executive influence and strategic advisory experience across technical, clinical, and commercial functions.
  

People Leadership

• Demonstrated success leading large, distributed teams and extended steward networks.
• Strong coaching, mentoring, and talent‑development capabilities.
  

Stakeholder Management

• Exceptional communication, relationship‑building, and facilitation skills.
• Ability to translate complex regulatory requirements into clear, actionable business guidance.

Business Acumen

• Strong understanding of MedTech business models, connected‑device ecosystems, clinical operations, product development lifecycles, and digital transformation.
• Demonstrated ability to drive modernization and enable responsible, innovative uses of data.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via https://www.jnj.com/contact-us/careers .Internal employees contact AskGS to be directed to your accommodation resource.

Required Skills:

Preferred Skills:

The anticipated base pay range for this position is :

Additional Description for Pay Transparency: