Johnson & Johnson Careers

Senior Counsel, Cybersecurity and Privacy

New Brunswick, New Jersey
Corporate Law

Job Description

Requisition ID: 5148181022

Johnson & Johnson Law Department is currently recruiting for a Senior Counsel, Cybersecurity and Privacy to provide support and legal advice on cybersecurity related matters to relevant groups within the Johnson & Johnson organization. You will also provide support on transactions from a privacy and/or cybersecurity perspective to law department contracting colleagues supporting the Johnson & Johnson Procurement and Supplier Contracting Services organizations and other attorneys as needed.

Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.

With $76.5 billion in 2017 sales, Johnson & Johnson is the world's most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 265 Johnson & Johnson operating companies employing approximately 126,500 people and with products touching the lives of over a billion people every day, throughout the world.  If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.

Job responsibilities:

•             Provides cybersecurity and privacy legal support for complicated legal matters raised by J&J’s global Procurement organization that involve the processing of personal information (a/k/a personal data), data protection, and cybersecurity. Assists with resolution of escalations of privacy and cyber related contract matters. Examples of types of projects that may be supported by this role include projects involving global systems, initiatives involving novel technologies, or the multi-jurisdictional cross-border transfer of personal data.

•             Provides legal support to the Johnson & Johnson Technology Information Security and Risk management group on cybersecurity related matters. The attorney will also support other business and functional stakeholders on legal aspects of cyber risks and controls, including assessing and escalating legal risks under relevant cybersecurity regulations and providing guidance on industry practices.

•             Collaborates with J&J Technology colleagues on the development and maintenance of policies and procedures to ensure that adequate technical and administrative controls are implemented in conformance with applicable cybersecurity/privacy laws and regulations.

•             Supports and collaborates with contracting personnel and Law Department attorneys on complex transactions across J&J’s global enterprise by providing guidance on applicable privacy and cybersecurity laws and regulations, J&J’s established policies and position(s), and implications for cybersecurity and privacy data safeguards/controls, including assisting with creation and updates of contract templates.

•             Creates and delivers cybersecurity/privacy training to the Law Department, Supplier Contracting Services, and other J&J organizations, as requested.  Must maintain current knowledge of applicable cybersecurity laws and standards.

•             Ensures contractual and policy alignment with J&J Technology on data safeguards and cybersecurity for particularly complex or sensitive processing activities.

•             Assists with other privacy contracting and cybersecurity initiatives and projects as directed.


•             A Juris Doctorate or equivalent is required

•             Licensed attorney in good standing in at least one state or jurisdiction

•             Experience with industry and general cyber security and privacy regulations (including, but not limited to, NIST, ISO, SEC, US HIPAA and EU GDPR).  Familiarity with health care and/or technology regulations preferred.

•             Ability to draft, analyze, and interpret complex data privacy and cyber security contract terms, and to demonstrate attention to detail for reviewing contract language for conformity to policies.

•             Familiarity with innovative tools and resources that may impact privacy, data protection and cybersecurity, such as controls within big data lakes, AI / machine learning and IoT.

•             Ability to manage multiple tasks concurrently, continuously prioritize and reprioritize multiple competing critical actions and projects to ensure maximum value to the business.

•             Ability to manage multi-jurisdictional assignments.

•             Must be detail-oriented, organized, and self-motivated, and able to work independently under time pressures.

•             Must be committed to demonstrating the highest ethical standards in all interactions, including with colleagues, peers, stakeholders, business partners, and external parties.

•             Certifications preferred:  CIPT, CISSP or CEH.

•             Ability to travel up to 15-20% both domestically and internationally is required.


Johnson & Johnson Family of Companies are equal opportunity employers, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law.

Primary Location
United States-New Jersey-New Brunswick-
Johnson & Johnson (6067)
Job Function
Corporate Law
Requisition ID