Organon is recruiting for an Associate Director, Privacy. In this role, you will report to the Chief Privacy Officer (based in the US) and will be a key member of the Global Privacy Office. The experienced privacy professional will provide privacy compliance expertise and guidance to various stakeholders and business teams to facilitate compliance with privacy regulatory requirements and relevant internal policies, procedures, and privacy standards. You will provide privacy support to global markets including Europe (including United Kingdom and Switzerland).
As Associate Director, Privacy you will also assist with the development, implementation, and maintenance of policies and procedures; manage privacy incidents/breaches, conduct training, manage the record of processing activities, negotiate privacy contract clauses; monitor relevant global privacy and data protection laws and regulations, and other privacy-related duties as assigned.
This experienced privacy professional will also serve as the European Data Protection Officer (DPO) and will ensure compliance with GDPR and other applicable data privacy and data protection laws and regulations.
Primary Responsibilities:
- Support the privacy compliance efforts of the Chief Privacy Officer, the Global Privacy Team, and the Network of Privacy Stewards, including supporting the Company’s compliance with applicable global privacy laws.
- Engage in negotiations of privacy and data protection provisions.
- Assist with evaluation of supplier privacy assessments and data protection impact assessments.
- Participate in privacy-related meetings, including providing regular updates on key privacy issues and updates on new and changing regulations.
- Assess and execute upon recommendations and guidance with respect to the Global Privacy Program.
- Assist with identifying and assessing privacy compliance risks, and recommend and implement mitigation strategies.
- Assist with maintenance and updates to privacy policies and notices, internal policies and procedures, and training materials.
- Conduct privacy training to business teams and privacy network.
- Manage records of processing operations under the responsibility of the Company.
- Provide guidance consistent with law, privacy standards, and company policy; appropriately balance division/function/corporate business objectives and privacy risks.
- Serve as point of contact for business colleagues including privacy network and legal colleagues including advising on privacy regulations and activities and leading regional meetings.
Skills, Qualifications & Experience:
- Degree in Law, Risk Management, Corporate Compliance or equivalent experience.
- Certified Information Privacy Professional (CIPP) with specialty in European privacy law preferred, but not required.
- Expertise in global and European data protection laws and practice and an in-depth understanding of the GDPR.
- Understanding of privacy risk assessment and best practices, privacy standards and certifications.
- Ability to provide direct legal or compliance support and business solutions for privacy, security, data protection, or equivalent functions in a large, regulated, and matrixed organization.
- Experience in pharmaceutical, medical device, and/or biotech companies is preferred but not required.
- Experience incorporating privacy by design and privacy regulatory requirements into business processes and programs.
- Understanding of information technology and information security practices.
- Strong ability to influence across functional groups and country businesses to gain cooperation and alignment on issues and objectives.
- Demonstrated ethical mindset and integrity; ability to exercise sound judgment, and to influence.
- Ability to manage multiple projects simultaneously and prioritize activity in alignment with business goals and compliance requirements.