Senior Managing Counsel, Privacy & Cybersecurity (Americas) jobs in United States

Solventum · 20 hours ago

Senior Managing Counsel, Privacy & Cybersecurity (Americas)

Solventum is a new healthcare company focused on improving lives through innovative solutions. The Sr. Managing Counsel, Privacy & Cybersecurity will lead legal support for privacy and cybersecurity efforts, ensuring compliance and managing legal risks across the company's operations in the Americas.

Medical Device
No H1B

Responsibilities

Provide expert legal counsel to Privacy and Cybersecurity teams to ensure compliance with contractual commitments and regulatory obligations related to data privacy and security
Conduct privacy and data protection impact assessments to ensure sensitive health data is used in compliance with privacy regulations and contractual rights
Advise cybersecurity teams on incident response and investigations, ensuring proper documentation to minimize risks, protect privacy, and fulfill legal obligations during and after security incidents
Collaborate with Procurement and business contracting teams to draft, negotiate, and maintain privacy/data protection terms in contracts and agreements
Lead the company’s legal response to product vulnerabilities, information security breaches, and cyber events, including advising on regulatory notifications at federal, state, and international levels
Counsel IT operations, security teams, and business units on developing and implementing cybersecurity plans, incident response strategies, and compliance with industry standards and regulations
Work closely with Cybersecurity, Procurement, and Legal teams to manage third-party risks, including creating contract templates, negotiation frameworks, and advising on third-party audits and assessments
Advise on the de-identification, pseudonymization, and anonymization of sensitive health data
Provide guidance to business and product teams on data handling requirements based on sensitivity and compliance standards
Implement 'privacy by design' principles in product development processes and contribute to product risk assessments
Stay informed on emerging global regulatory requirements impacting data privacy and security and advise the business accordingly
Develop and provide legal content for privacy training programs, awareness campaigns, and compliance with sensitive health information handling requirements

Qualification

Juris Doctor, Data privacy law, Cybersecurity law, HIPAA compliance, US privacy laws, Cybersecurity standards, Global privacy laws, Legal writing, Analytical skills, Project management, Communication skills, Leadership skills

Required

Juris Doctor (JD) from an accredited law school or Law degree
8 years of experience in data privacy and cybersecurity law, ideally within the life sciences, healthcare, medical devices, or similarly regulated industries
Expertise in US data privacy laws and regulations, including HIPAA and US state consumer privacy laws (e.g., CCPA, CPA, etc.)
Expertise in advising on cybersecurity, including product vulnerability, incident response, and legal obligations arising from privacy and security incidents
Experience in advising on cybersecurity standards such as PCI DSS, the NIST Cybersecurity Framework, and the NIS2 Directive

Preferred

Experience in Canada and LATAM data privacy laws and regulations, including LGPD, PIPEDA and the Privacy Act
Familiarity with medical device regulations (FDA, FD&C Act) related to data privacy and security is a plus
Experience managing HIPAA compliance programs and addressing legal issues related to health data
Experience working with IT systems, data management, and collaborating with both technical teams and senior leadership
Excellent written, verbal, and presentation skills, with the ability to communicate complex legal matters in a clear, concise manner to non-legal stakeholders
Strong analytical and strategic thinking skills, with the ability to solve complex legal challenges
Highly organized, detail-oriented, and committed to maintaining high ethical standards and professionalism
Proven ability to prioritize multiple projects and work under tight deadlines in a fast-paced, dynamic environment
Expertise in global data privacy laws (including GDPR) and AI laws (including EU AI Act)
Relevant privacy and cybersecurity certifications (e.g., CIPP/US, AIGP, CIPP, CIPM, CIPP/E, CIPT, CHPS, CHPC, CISSP) are preferred but not required
Extensive experience in negotiating and drafting technology transactions and data protection agreements with customers, vendors, and partners
Ability to manage legal and regulatory compliance across diverse frameworks
Proven leadership skills with the ability to engage with internal stakeholders and lead significant projects
Highly responsive and client-focused, with an ability to manage and nurture strong internal relationships
Preference for experience working within or with the life sciences industry

Benefits

Medical
Dental & Vision
Health Savings Accounts
Health Care & Dependent Care Flexible Spending Accounts
Disability Benefits
Life Insurance
Voluntary Benefits
Paid Absences
Retirement Benefits

Company

Solventum

At Solventum, we enable better, smarter, safer healthcare to improve lives. We never stop solving for you.

Funding

Current Stage
Late Stage
Company data provided by crunchbase