Corporate Counsel, Privacy and Data Security

Job Description

• This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Corporate Counsel, Privacy and Data Security in the United States. This role is a senior legal position focused on shaping and operationalizing enterprise-wide privacy, data protection, and data security governance within a fast-evolving healthcare and technology environment. The Corporate Counsel will act as a key advisor across the organization, helping define how data is responsibly used, shared, and protected across clinical, operational, and digital initiatives. This position plays a critical role in balancing regulatory compliance with innovation, enabling teams to move quickly while operating within clear legal and ethical guardrails. You will work closely with cross-functional stakeholders across legal, security, product, IT, and commercial teams to guide complex decisions involving sensitive data and emerging technologies. The environment is highly collaborative, fast-paced, and mission-driven, with strong exposure to enterprise strategy and executive leadership. This is a high-impact individual contributor role with broad organizational influence.
• Accountabilities: Lead and continuously evolve the enterprise privacy and data security governance framework, including policies, standards, and operational guidelines aligned with U.S. healthcare and privacy regulations. Provide legal guidance on data protection, healthcare privacy (including PHI), data security, retention, and compliant data use across products, analytics, and enterprise operations. Advise on high-risk and complex data initiatives, including digital tools, AI use cases, website tracking, member communications, and data-sharing arrangements. Draft, negotiate, and manage a wide range of commercial and technology agreements, including BAAs, SaaS contracts, NDAs, licensing agreements, and vendor arrangements. Lead privacy and data security incident response activities, including breach assessments, regulatory notifications, and coordination with internal and external stakeholders. Support regulatory audits, investigations, and compliance reviews while translating evolving legal and regulatory requirements into actionable business guidance. Collaborate with cross-functional teams to embed privacy-by-design principles into product development, procurement, marketing, and vendor management processes. Requirements: Active license to practice law with 6–8+ years of experience in privacy, data security, or related legal practice, preferably in healthcare or technology environments. Strong expertise in U.S. privacy and data protection laws, including HIPAA/HITECH, CCPA/CPRA, and other evolving state privacy regulations. Proven experience developing and operationalizing privacy programs, governance frameworks, policies, and scalable legal processes. Strong background in drafting and negotiating complex commercial agreements, including BAAs, SaaS contracts, and data protection terms. Experience handling privacy incidents, breach response processes, and regulatory communications or audits. Ability to translate complex legal and regulatory concepts into clear, practical guidance for business and technical stakeholders. Strong judgment, communication skills, and ability to influence across cross-functional and executive-level audiences in a fast-paced environment. Preferred experience in healthcare delivery systems, Medicare Advantage, value-based care, or AI/ML governance frameworks. Benefits: Competitive annual salary ranging from $153,000 to $191,300, based on experience and qualifications. Comprehensive healthcare benefits including medical, dental, and vision coverage. Retirement savings plan and additional financial wellness programs. Remote-first work model with flexibility across the United States. Paid time off, holidays, and additional leave policies supporting work-life balance. Exposure to enterprise-level strategic initiatives in a mission-driven healthcare environment. Professional growth opportunities in privacy law, healthcare regulation, and emerging technology governance.
• How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time. #LI-CL1
• We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
• apply for this job