Data Protection Counsel - Diegem
17/05/2022

Johnson & Johnson is the largest and most broadly based healthcare company in the world. They are producing life-changing breakthroughs every day and have been for the last 130 years.

The combination of new technologies and your expertise enables amazing things to happen. Teams from J&J’s consumer business are creating digital tools to help people track the health of their skin. Those working in medical devices are 3-D printing artificial joints personalized for each patient, while researchers in pharmaceuticals use AI to discover lifesaving drugs. Imagine what the rest of their team of 134,000 people at 260 companies in more than 60 countries across the world is accomplishing.

The J&J Law Department is recruiting a Legal Data Protection Counsel to provide digital privacy and cybersecurity legal support to their businesses in the European Union and United Kingdom.  

The role will provide legal support to business sectors across the EU and UK, dealing with sophisticated, novel and varied legal issues.

The scope of work includes:

• Providing legal support and advice on novel and complex digital privacy and cybersecurity requirements related to patient health data and medical technology.
• Assisting with the negotiation of cybersecurity and data privacy contract provisions with customers and suppliers that both protect the data and enable the Company’s compliant use of the data.
• Keeping up with rapidly evolving legislation and regulation in the fields of digital privacy, cybersecurity, data analytics, data science, artificial intelligence/machine learning, and regularly updating legal, privacy, security and business colleagues on these developments.
• Advising in product development phase (data sharing and analytics projects, software as a medical device, privacy-by-design, cyber security requirements).
• Dealing with customer and health care institution information security and data privacy requirements across the European region.
• Being involved in cyber security and data privacy certification processes
• Assisting with the negotiation of cyber security and data privacy provisions with customers and suppliers.
• Supporting strategic decision-making by business stakeholders in the areas of digital privacy and cybersecurity by providing any requested or needed legal assessments and recommendations.
• Counseling on data protection strategies for compliant international transfers of data.
• Assisting with response to privacy and security incidents, including advising on investigation and notification requirements.
• Supporting business development team (mergers, acquisitions, and strategic transactions) with privacy and cybersecurity diligence and advice.
• Shaping the external environment in Europe for digital analytics and health data management, cybersecurity and health technology (for instance, through professional industry associations and collaboration with our Government Affairs and Policy colleagues).
• Drafting and/or reviewing digital privacy and cybersecurity policies, SOPs and guidance documents.
• Collaborating on training on data privacy and information security compliance, together with other accountable functional groups, such as J&J Global Privacy and Information Security & Risk Management teams.

The EU Data Protection Counsel will be member of the Global Privacy & Cybersecurity Legal Team within the broader Digital Technology Legal Group, and will participate as a key member of regional stakeholder teams (such as the EU Global Privacy team). The role will report to the VP, Global Privacy & Cybersecurity Law, located in the United States.

• Law degree required. A supplementary degree or LLM is considered an asset.
• Excellent English fluency required, both written and orally; fluency in other languages spoken in the region preferred.
• Minimum 6 years of relevant professional experience in digital privacy, cyber security or data privacy is required; experience with technology and healthcare technologies in particular, is considered an asset.
• Experience with, or a demonstrably strong interest in, artificial intelligence, intelligent automation, and/or data science.
• Knowledge of technical jargon and the ability to translate it for colleagues that are not technical experts.
• Strong business acumen, and experience with complex contract negotiations.
• Prior experience working in a cross-functional, cross-country, and virtual environment preferred.
• Willingness to travel internationally up to 10% of the time.

Candidates should also possess the following skills and capabilities:

• Good self-awareness, constructive attitude, eager to seek and receive feed-back.
• Self-starter with drive for results and sense of ownership, but willing to take direction.
• Business-oriented and strategic thinking; ability to proactively engage with business stakeholders to find practical solutions and partner with them to implement actions and contribute to compliant long-term growth for the business.
• Ability to work independently and effectively across all levels of a matrixed organization.
• Comfortable working as part of different teams with different roles depending on circumstances (i.e., leading, participating, or observing), with diverse groups of people with different experiences and capabilities, and different business units, whose use of data and technology has different purposes and risks.
• Ability to handle conflicts in an open, respectful, and constructive manner.
• Ability to demonstrate and drive high ethical, legal, and compliance standards.
• Ability to deal with ambiguity, consider new business models and approaches, and simplify issues for clients.
• Excellent interpersonal and listening skills. Ability to speak up, present and actively participate in business and legal discussions.

You will be part of a dynamic team within an international organization. You will be offered a motivating and competitive remuneration package.