Global Privacy & Data Protection Leader – Innovative Medicine (IM) Sector

• Job title Global Privacy & Data Protection Leader – Innovative Medicine (IM) Sector
• Function Legal & Compliance
• Sub function Enterprise Compliance
• Category Senior Director, Enterprise Compliance (PL10)
• Location Brussels / Belgium
• Date posted May 21 2026
• Requisition number R-077559
• Work pattern Hybrid Work

Description

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

The Johnson and Johnson Global Privacy Organization is recruiting for a Global Privacy & Data Protection Leader – Innovative Medicine (IM) Sector based in New Brunswick, NJ; Washington, DC or Brussels, BE.

The Global Privacy & Data Protection Leader – Innovative Medicine (IM) Sector serves as the senior-most privacy executive for the sector. This role provides global strategic leadership, governance, and oversight of all privacy and data protection activities across IM, partnering closely with executive leadership, regional teams, and country teams. The leader will shape long‑term strategy, ensure compliance with evolving global privacy regulations, and mature the organization’s privacy operating model while driving scalable, business‑aligned privacy practices aligned to our modernization mandate.

Crucially, this role will also champion innovative and ethical uses of data across the sector – ensuring privacy leaders not only protect the company, but actively enable new models of patient engagement, drug discovery, and product development that strengthen health outcomes and accelerate scientific progress.

This role reports directly to the Chief Privacy Officer and maintains a strong, influential partnership with IM Executives, representing the privacy function across global, regional, and market‑level leadership forums.

Key Responsibilities

Global Leadership & Strategic Accountability

• Provide end‑to‑end global oversight of Privacy & Data Protection for the Innovative Medicine (IM) Sector, ensuring robust governance, compliance, and risk management across all business units and geographies.

• Serve as the senior-most privacy leader for the IM Sector, representing the function to sector executives and leadership teams globally, regionally, and within markets.

• Define and drive the IM privacy strategy in alignment with Johnson & Johnson’s broader privacy, risk, and compliance priorities, ensuring business-aligned solutions that enable innovation while safeguarding data.

• Promote innovative and ethical uses of data to drive better health outcomes – ensuring privacy leadership actively enables new forms of patient engagement, advances in drug discovery, and data‑driven product development, not merely compliance protection.

Team Leadership & Operating Model Oversight

• Lead and develop a global team of senior Privacy leaders organized by major regions and global support capabilities ensuring they have the drive for excellence, capabilities, structure, and support required to manage regional privacy obligations.

• Oversee and optimize a leveraged network of Privacy Stewards embedded in business units across markets, ensuring consistent execution of privacy responsibilities and adherence to global standards and processes.

• Build a high‑performance culture emphasizing accountability, collaboration, subject‑matter excellence, and continuous improvement.

Executive Engagement & Strategic Guidance

• Partner with senior leaders at all levels to provide expert strategic guidance regarding the implications of global privacy laws, regulatory changes, and evolving risk landscapes.

• Offer practical, business‑oriented recommendations and guidance during design, deployment, and scaling of IM initiatives, digital transformations, AI programs, data‑driven products, and scientific collaborations.

• Serve as a catalyst for innovative data enablement – helping leadership leverage data responsibly to transform patient experiences, accelerate scientific insight, and fuel next‑generation medical advances.

Interaction with the Global Privacy Organization (GPO)

• Represent IM’s privacy needs and priorities within the Global Privacy Organization (GPO), collaborating closely with the enterprise privacy back office and center‑of‑excellence teams.

• Ensure IM sector demand, novel use cases, and operational requirements are triaged effectively, adhere to GPO’s documented policies, standards and processes, and receive accurate and timely guidance from GPO teams.

• Oversee the translation of recurring use cases into codified Specifications within the global Privacy Rulebook, ensuring consistency, clarity, and scalable operationalization.

Enterprise and Cross‑Functional Leadership

• Serve as a key member of the GPO Leadership Team, contributing to the enterprise privacy strategy, operating model modernization, and long‑term transformation initiatives.

• Champion the organization’s modernization mandate by driving initiatives that enhance simplicity, agility, speed, and effectiveness in privacy operations.

• Collaborate cross‑functionally with Legal, Compliance, IT, Cybersecurity, Data Science, IM Business, Quality, and Supply Chain to embed privacy into end‑to‑end business processes.

• Represent the Privacy function in appropriate external engagements with industry groups, think tanks, and regulators, as appropriate and aligned with the GPO External Engagement Strategy.

Governance, Risk Management & Compliance

• Oversee privacy risk assessments, regulatory readiness, incident response support, and the development of remediation strategies.

• Ensure consistent accountability for compliance across IM with J&J Policies & Standards and global privacy laws (e.g., GDPR, LGPD, PIPL, HIPAA, federal/state laws, and emerging regulations).

• Serve as a trusted advisor during interactions with regulatory bodies, auditors, and external partners when needed.

• Serve as a subject matter expert and provide appropriate support throughout A&D processes.

Job Qualifications, Education & Experience

Education

• Juris Doctor (JD) degree required.

• Concentration or advanced study in law, privacy, data protection, information governance, cybersecurity, public policy, or a related discipline strongly preferred.

Professional Experience

• Minimum of 12+ years of progressive experience in privacy, data protection, legal, compliance, or data governance roles within a complex, global organization.

• Significant experience operating at the enterprise or sector executive level, with accountability for global privacy strategy, governance, and regulatory compliance across multiple regions and jurisdictions.

• Demonstrated experience leading privacy and data protection programs within highly regulated, technology‑enabled environments, including pharmaceutical, life sciences, digital health, or adjacent industries.

• Proven track record of shaping and executing multi‑year privacy strategies that balance regulatory compliance, patient and customer trust, and business innovation.

• Experience partnering with executive leadership, including Sector Leaders, Executive Committees, and Board‑adjacent forums, to influence strategy and guide risk‑balanced decision‑making.

• Hands‑on experience supporting or overseeing major transformation initiatives, including modernization of operating models, simplification of processes, and scaling of global privacy services.

• Experience engaging with regulators, auditors, and external stakeholders, including preparation for regulatory inquiries, inspections, or audits.

• Exposure to mergers, acquisitions, and divestitures, including privacy due diligence, integration, and separation activities.

Privacy & Technical Expertise

• Deep expertise in global privacy and data protection laws and frameworks, including but not limited to GDPR, LGPD, PIPL, HIPAA, U.S. state privacy laws, and emerging global regulations.

• Strong understanding of complex data ecosystems, including software‑enabled services, data science environments, AI‑enabled solutions, digital platforms, and advanced analytics.

• Demonstrated ability to operationalize privacy requirements through governance, policies, standards, processes, and scalable operating models.

• Strong command of privacy‑by‑design principles and their application in product quality environments, product development, digital innovation, and patient engagement models.

Leadership & Organizational Capabilities

• Proven people leader with experience building, leading, and developing high‑performing global teams, including both direct reports and extended networks (e.g., embedded Privacy Stewards).

• Demonstrated ability to lead in highly matrixed environments, influencing without authority and aligning diverse stakeholders toward shared outcomes.

• Strong change leadership skills, with a history of successfully driving organizational transformation and cultural adoption.

• Exceptional executive communication and influencing skills, with the ability to translate complex privacy and regulatory concepts into clear, actionable business guidance.

Professional Attributes

• Strategic, forward‑thinking leader with strong business acumen and a pragmatic approach to risk management.

• Collaborative and trusted advisor mindset, operating effectively across Legal, Technology, IM Business, Digital, Quality, and Supply Chain functions.

• Demonstrated commitment to ethical data use, patient trust, and Johnson & Johnson’s Credo values.

• Results‑oriented, resilient, and capable of operating confidently in fast‑moving, ambiguous, and evolving environments.

Ideal Candidate Profile

A forward‑thinking, business‑savvy privacy executive with deep expertise, strong global leadership experience, and a proven ability to operate successfully at the highest levels of Johnson & Johnson. This leader brings strategic clarity, operational excellence, and a collaborative mindset, combining strong privacy stewardship with innovative thinking to ethically unlock data-driven insights that improve patient outcomes. They understand that privacy is not only a protective discipline but also a catalyst for responsible innovation, enabling new ways of patient engagement, breakthrough drug discovery, and next‑generation product development across the Innovative Medicine Sector.

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

• Belgium - Requisition Number: R-077559

• US- Requisition Number: R-077818

Remember, whether you apply to one or all of these requisition numbers, your applications will be considered as a single

submission.

Required Skills:

Preferred Skills: