Senior Managing Counsel, Privacy & Cybersecurity (Americas)

Solventum

Job Overview

Location

USA

Job Type

Full-time

Full Job Description

📋 Description

• As the Senior Managing Counsel, Privacy & Cybersecurity (Americas) at Solventum, you will be instrumental in safeguarding the company's sensitive data and ensuring robust privacy and cybersecurity practices across its USAC and LATAM operations.
• This pivotal role involves providing expert legal counsel and strategic guidance to cross-functional teams, including IT, cybersecurity, business units, and external partners, to proactively manage and mitigate legal risks associated with data security and privacy.
• You will play a critical role in enhancing Solventum's overall security posture, ensuring unwavering compliance with global and regional regulations, and overseeing comprehensive security and compliance assessments for applications, internal processes, product offerings, and third-party vendors.
• Reporting directly to the Chief Privacy Officer and the Vice President of Information and Digital, you will be a key advisor in shaping the company's approach to data protection and cyber resilience.
• Your responsibilities will include providing expert legal advice to the Privacy and Cybersecurity teams, ensuring strict adherence to contractual obligations and regulatory mandates concerning data privacy and security.
• You will lead and conduct thorough privacy and data protection impact assessments, verifying that sensitive health data is handled in full compliance with all applicable privacy regulations and contractual rights.
• A significant part of your role will be advising cybersecurity teams on effective incident response and investigation protocols, ensuring meticulous documentation to minimize legal risks, protect individual privacy, and fulfill all legal obligations during and after any security incidents.
• You will collaborate closely with Procurement and business contracting teams to expertly draft, negotiate, and maintain critical privacy and data protection terms within all company contracts and agreements.
• You will spearhead the company's legal response to product vulnerabilities, information security breaches, and significant cyber events, providing essential guidance on regulatory notifications at federal, state, and international levels.
• You will counsel IT operations, security teams, and various business units on the development and implementation of comprehensive cybersecurity plans, effective incident response strategies, and adherence to relevant industry standards and regulations.
• Working in tandem with Cybersecurity, Procurement, and Legal teams, you will manage third-party risks by developing contract templates, establishing negotiation frameworks, and providing expert advice on third-party audits and assessments.
• You will offer specialized guidance on the de-identification, pseudonymization, and anonymization of sensitive health data, ensuring compliance and ethical handling.
• Provide clear and actionable guidance to business and product development teams regarding data handling requirements, considering data sensitivity and applicable compliance standards.
• Champion and implement “privacy by design” principles throughout the product development lifecycle, actively contributing to product risk assessments from a legal and privacy perspective.
• Maintain a proactive stance by staying abreast of emerging global regulatory requirements impacting data privacy and security, and advising the business on necessary adaptations and strategies.
• Develop and deliver essential legal content for comprehensive privacy training programs, awareness campaigns, and ensure compliance with sensitive health information handling requirements across the organization.
• This role requires a deep understanding of the healthcare and life sciences sector, enabling you to navigate its unique privacy and security challenges effectively.
• You will be a key contributor to building a culture of privacy and security consciousness throughout Solventum, ensuring that legal considerations are integrated into business operations at every level.
• The position offers the opportunity to shape the legal framework for privacy and cybersecurity at a new, dynamic healthcare company with a strong legacy, impacting patient care and healthcare professional enablement.
• You will work remotely within the United States, with potential for up to 20% domestic and international travel, offering a blend of autonomy and engagement.
• This role is crucial for maintaining trust with patients, healthcare providers, and regulatory bodies by ensuring the highest standards of data protection and cybersecurity are met.

🎯 Requirements

• Juris Doctor (JD) from an accredited law school or equivalent law degree.
• Minimum of 8 years of experience specifically in data privacy and cybersecurity law, preferably within the life sciences, healthcare, medical devices, or similarly regulated industries.
• Demonstrated expertise in global data privacy laws (including GDPR) and emerging AI laws (including the EU AI Act).
• Profound knowledge of US data privacy laws and regulations, including HIPAA and key US state consumer privacy laws (e.g., CCPA, CPA, etc.).
• Proven expertise in advising on cybersecurity matters, including product vulnerability management, incident response, and legal obligations arising from privacy and security incidents.
• Experience advising on cybersecurity standards such as PCI DSS and the NIST Cybersecurity Framework.

🏖️ Benefits

• Competitive salary range ($211,600 - $290,950) plus potential for variable incentive pay.
• Comprehensive benefits package including Medical, Dental & Vision insurance, Health Savings Accounts (HSAs), and Flexible Spending Accounts (FSAs).
• Robust retirement benefits and life insurance options.
• Opportunities for professional development and continuous learning in a dynamic industry.
• Remote work flexibility within the United States, allowing for a better work-life balance.

Skills & Technologies

Senior

Remote

$211k-290k

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Solventum

Visit Website

About Solventum

Solventum Corporation is an independent, NYSE-listed healthcare company spun off from 3M in April 2024. Headquartered in Maplewood, Minnesota, we unite 22,000 “solvers” across 38 countries who create breakthrough products for wound care, oral care, health-information technology, and biopharma filtration. Our portfolio includes trusted brands such as 3M™ Clarity™ Orthodontics, Veraflo™ and Prevena™ Therapy Systems, and Littmann® Stethoscopes. By merging deep clinical insight with digital innovation, we enable better, smarter, safer patient outcomes while offering free continuing-education programs for healthcare professionals. Never stopping until healing is solved, we turn momentum into measurable impact for providers, payers, and patients worldwide.

View Company Profile