Executive Director, Compliance

Job Description

We are seeking a skilled privacy professional to help drive our privacy strategy, implement our global privacy program, ensure compliance with global data protection laws, enable innovation in an evolving and highly regulated digital landscape, and foster a culture of responsible data stewardship across the organization. 

The Deputy Chief Privacy Officer reports to the Chief Privacy Officer and will manage a team of professionals located globally.

The Global Privacy Office is comprised of two teams.  One team is responsible for counseling internal stakeholders on privacy matters, as well as engaging with external organizations, data subjects, and regulators.  The other team drives program governance and privacy operations, supporting privacy compliance through the development and maintenance of program strategy, processes, tools, and assurance.  The primary responsibility of the Deputy Chief Privacy Officer is to lead the team responsible for internal and external stakeholder engagement, working in close partnership with the operations lead.

Specific responsibilities include:

• Oversee the team of Regional Privacy Leads and privacy professionals who engage directly with internal company stakeholders on matters related to privacy compliance, including privacy by design, Privacy Impact Assessments, Data Protection Impact Assessments, and adherence to our Policies, Rulebook Standards, and Specifications.

• Monitor the evolving global regulatory landscape, including tracking and analyzing new data protection laws, assessing potential impact to ensure timely adaptation of existing business practices, and effectively communicating with impacted stakeholders.

• Serve as a member of the Company’s Privacy & Data Protection Board (PDPB), which provides overall governance and strategic oversight to the Global Privacy Program.

• Provide privacy support for new global business development opportunities.

• Provide privacy support for the research organization, including global clinical trial operations.

• Partner with the Chief Privacy Officer, our company's internal policy teams, and external organizations, including privacy consortia and think tanks, to educate global lawmakers on industry best practices and requirements for effective global clinical research.

• Co-lead our network of 250+ Global Privacy Stewards who help implement the global privacy program in counties and divisions across the enterprise.

• Support investigations of potential privacy incidents, including fact-finding, analysis of reporting requirements under applicable data protection law, potential engagement with data protection authorities, coordinating cross-functional incident response, and driving resolution.

Education and Certifications

• Juris Doctor (J.D.).

• Certified Information Privacy Professional (CIPP) certification preferred.

Required Experience and Skills

• 10+ years of direct Privacy experience in a large, global corporation or law firm.  Legal or compliance experience in the pharmaceutical or life sciences industry preferred.

• An in-depth understanding of global privacy, AI, and cybersecurity laws and regulations, global enforcement frameworks, and industry-leading best practices.

• Demonstrated experience with privacy assessments, leading incident response efforts, data governance best practices, privacy contracting and contract negotiation, vendor due diligence, and emerging digital technologies.

• Excellent communication, leadership, and interpersonal skills, with the ability to help manage a global team (in-person and virtual), influence change across a vast and highly matrixed global organization, and effectively communicate privacy-related issues across all divisions and levels.

• Solution-oriented mindset with strong problem-solving skills.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics.  As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities.  For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement​

We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively.

Learn more about your rights, including under California, Colorado and other US State Acts

U.S. Hybrid Work Model

Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as “remote”.

The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.

Expected US salary range:

$206,200.00 - $324,600.00

Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. A summary of benefits is listed here.

San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance

Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

No

Travel Requirements:

10%

Flexible Work Arrangements:

Hybrid

Shift:

Not Indicated

Valid Driving License:

No

Hazardous Material(s):

N/A

Required Skills:

Business, Business, Business Consultations, Business Relationship Management (BRM), Clinical Judgment, Clinical Research, Compliance Program Development, Compliance Reporting, Confidentiality, Customer-Focused, Cybersecurity, Cybersecurity Law, Data Governance, Data Privacy, Data Privacy Law, Data Privacy Protection, Data Privacy Standards, Data Protection Impact Assessment (DPIA), Data Protection Privacy, Detail-Oriented, Digital Technology, Digital Trends, Global Team Collaboration, Influence, Innovation {+ 11 more}

 Preferred Skills:

Job Posting End Date:

06/5/2025

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.