← back to jobs
> job detail
J
👽Other

Dir, Priv & Data Protection Officer APAC

jj · Singapore, Singapore
// classified as
Other (Adjacent or hard to classify.)
posted
<1d ago
location
Singapore, Singapore
languages
tools
> description

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Legal & Compliance

Job Sub Function:

Law Business Partners

Job Category:

Professional

All Job Posting Locations:

North Ryde, New South Wales, Australia, Singapore, Singapore

Job Description:

Johnson & Johnson announced plans to separate our Orthopaedics business to establish a standalone orthopaedics company, operating as DePuy Synthes. The process of the planned separation is anticipated to be completed within 18 to 24 months, subject to legal requirements, including consultation with works councils and other employee representative bodies, as may be required, regulatory approvals and other customary conditions and approvals. Should you accept this position, it is anticipated that, following conclusion of the transaction, you would be an employee of DePuy Synthes and your employment would be governed by DePuy Synthes employment processes, programs, policies, and benefit plans. In that case, details of any planned changes would be provided to you by DePuy Synthes at an appropriate time and subject to any necessary consultation processes.​

DePuy Synthes is recruiting for a Director, Privacy Officer & DPO, APAC, located in Singapore, Central Singapore OR North Ryde, Austrailia

This role serves as the senior privacy leader for DePuy Synthes in the region, with accountability for privacy governance and formal Data Protection Officer (DPO) duties. The Director, Privacy Officer & DPO provides strategic leadership to ensure compliance with global and local data protection laws while enabling responsible innovation across a complex medical technology organization. This role has significant enterprise impact, partnering closely with Legal, IT, Security, Health Care Compliance, HR, Commercial, Clinical, Medical Safety and HEMA, and R&D teams to embed privacy‑by‑design across business operations and digital products. 

Key Responsibilities 

  • Lead the implementation and ongoing oversight of the DePuy Synthes privacy program in the region, ensuring alignment with applicable local and regional data protection laws and regulations. 
  • Advise business partners on privacy and data protection requirements in all stages of R&D, product development, commercialization, clinical trials, HEMA activities and lifecycle management.  
  • Serve as the designated Data Protection Officer (DPO), acting as an independent advisor on data protection obligations and risk management. 
  • Lead efforts to embed privacy capabilities in named privacy stewards from relevant functions, including handling escalations, driving consistency and delivering ongoing training and education to the stewards. 
  • Identify any required regional-specific variants from global privacy policies, standards, and procedures to support compliant collection, use, transfer, and retention of personal data in the region. 
  • Provide strategic guidance to business leaders on privacy risks associated with new products, digital health solutions, clinical activities, and commercial initiatives. 
  • Oversee regional privacy impact assessments, data transfer assessments, and mitigation plans for high‑risk processing activities. 
  • Partner with Information Security and Legal teams to support incident response, breach management, and regulatory communications in the region when required. 
  • Lead privacy training and awareness programs to strengthen a culture of data protection and accountability across the organization. 
  • Monitor regional regulatory developments and emerging privacy risks, translating requirements into practical business guidance. 
  • Maintain external relationships with regional regulators and internal stakeholders to support audits, inquiries, inspections and data incident responses in conjunction with cross-functional partners. 
  • Provide support for data contracting processes, including for escalations.   

Qualifications 

Education 

  • Bachelor’s degree required, preferably in Law, Information Systems, Business, or a related field. 
  • Advanced degree (JD, LLM, MBA, or equivalent) preferred. 

Experience and Skills 

Required: 

  • Minimum 10–12 years of progressive experience in privacy, data protection, cybersecurity or related legal roles, including leadership responsibility, including in a complex global corporation or private practice. 
  • Demonstrated experience serving as, or supporting, a Data Protection Officer function within a regulated environment. 
  • Experience in privacy data regulations in the healthcare industry. 
  • Strong working knowledge of global privacy regulations (e.g., GDPR, APAC privacy frameworks) and their business application. 
  • Proven ability to influence senior leaders and operate effectively in a complex, global organization. 
  • Experience partnering with technology, security, and digital teams on privacy‑by‑design initiatives. 

Preferred: 

  • Specific data protection or privacy experience within medical devices, medtech, life sciences pharmaceutical industries or healthcare insurers or systems. 
  • Experience supporting global or regional privacy programs across multiple jurisdictions. 
  • Strong judgment, independence, and ability to manage sensitive matters with discretion and integrity. 
  • Prior engagement with regulators and supervisory authorities. 
  • Demonstrated people leadership or program leadership experience. 

Other: 

  • Language: Fluency in English required; experience with at least one additional regional languages expected. 
  • Travel: Up to 20% international travel. 
  • Certifications: Privacy certifications (e.g., CIPP/E, CIPP/A, CIPM) preferred. 

For more information on how we support the whole health of our employees throughout their wellness, career, and life journey, please visit www.careers.jnj.com

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. 

 

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via https://www.jnj.com/contact-us/careers, internal employees contact AskGS to be directed to your accommodation resource. 

 

#LI-Hybrid 

#DePuySynthesCareers 

 

 

Required Skills:

 

 

Preferred Skills:

Business Agility, Collaborating, Commercial Laws, Compliance Management, Corporate Governance, Dispute Resolution, Lawyering, Legal Documents Preparation, Legal Services, Negotiation, Process Improvements, Representing, Risk Management, Strategic Thinking, Tactical Planning, Technical Credibility
Apply at jj