The candidate who fills this roll will join Pfizer’s Global Privacy Office and will report to the Chief Privacy Officer within the Legal Division at Pfizer's New York City Headquarters. Although the position is located in the United States, a significant portion of position involves supporting privacy issues globally.
The successful candidate will establish and maintain a dynamic working relationship with Corporate Governance and other business clients. Contractual responsibilities include:
- Enabling the development and execution of data driven business initiatives while ensuring compliance with global data privacy and information security laws.
- Guiding Pfizer’s business leaders and effectively counseling multiple client groups in a matrix organization to ensure that privacy and data protectionrisk is managedeffectively, including in the following areas:
- Internet of things (IoT), mobile apps, wearables, artificial intelligence (AI), software as medical devices, digital marketing initiatives
- Clinical research/collaboration, secondary use of data and real world data acquisition
- Management of data incidents and support of Pfizer’s data breach response readiness program
- Vendor contract strategy, including review and negotiation of privacy and security terms.
- Updating and developing new policies, procedures, and guidance documents as needed across markets, divisions, and functional areas of Pfizer.
- Support of Business Technology and Global Security to ensure that a robust data security program is maintained and the privacy implications of information management and oversight are addressed.
- Conducting factual investigations and risk assessments of how the company obtains, uses, stores and shares personal information across data lifecycle.
- Managing and coordinating with local lawyers in country to facilitate markets’ compliance with global and regional requirements, and enable implementation of privacy policies and procedures.
- Responsibilities will include legal support to workstreams and processes relating to the EU General Data Protection Regulation (GDPR).
- Educating business clients through targeted counseling, training and awareness programs.
- Managing outside counsel and third party consulting firms on discreet projects.
- At least four years of privacy experience at a law firm or in-house legal department, ideally with an international component
- Excellent oral and written communication skills, including strong oral presentation and project management skills
- Strong interpersonal skills
- A high degree of credibility, independence, integrity and trust and ability to work effectively and sensitively in a matrix organization across multiple geographies and cultures often with senior leaders while managing a high volume of varied projects
- Sound and practical business judgment and decision making
- Privacy professional certification
- Knowledge of the healthcare/pharmaceutical industry preferred, but not required
- A knowledge of information technology as it relates to privacy and data protection risks.
- JD from accredited law school, demonstrated academic achievement, and current bar membership in good standing
- The ability to travelinternationally approximately 10-20%