Marlborough, MA, 01752, USA
1 day ago
Senior Director of Privacy, Information Security
Discover a Technology career with real meaning. One that offers the opportunity to showcase your talents, achieve measurable success and gain immense satisfaction by enabling healthier lives everywhere, every day.

We are looking for a Privacy leader to join us on our mission to make our global security platform a solid differentiator in the Medical Technology industry. With your passion and energy in leading our global privacy program, you will ensure our organization's compliance with relevant privacy laws and regulations and safeguard the personal information of customers, employees, and partners.

Reporting to our CISO, the Senior Director of Privacy, Information Security, is responsible for designing, operationalizing, and overseeing Hologic’s Global Privacy Program. You will develop privacy strategies, policies, and procedures to minimize risk and enable business objectives while maintaining the trust of stakeholders.

**Responsibilities**

+ Serve as the leader for global privacy compliance, managing a team that ensures that privacy policies, requirements, and processes meet or exceed industry standards.
+ Develop scalable resources and processes to facilitate compliance with global privacy requirements
+ Oversee development and delivery of ongoing privacy training to employees.
+ Manage privacy compliance to ensure Hologic stays compliant with emerging global policies, regulations, and industry practices (e.g., GDPR, CCPA, HIPAA, etc.).
+ Deliver strategic privacy advice and insights to the executive leadership
+ Work closely with the CISO and CLO on privacy and security incidents, law enforcement requests, and internal investigations
+ Advise senior management and business units on privacy risks and mitigation strategies.
+ Provide privacy expertise to the Product team on product offerings, Commercial and R&D teams for new services and/or customer engagements, and the IT department on enterprise IT systems
+ Engage with the privacy legal community, including coordinating with external counsel
+ Lead and cultivate professional growth of a small but growing team of privacy professionals, including fostering an environment where members of your team are empowered to do the best work.
+ Serve as the primary point of contact for privacy-related inquiries, investigations, and regulatory requests.
+ Lead privacy impact assessments, data mapping, and gap analyses for new projects and processes.
+ Train and educate employees on privacy policies, data protection, and best practices.
+ Oversee incident response for privacy breaches, including investigation, notification, and remediation.
+ Manage relationships with regulators, external auditors, and other stakeholders regarding privacy matters.
+ Collaborate with IT, Legal, HR, Security, and other departments to ensure data protection and privacy compliance.
+ Maintain records of processing activities, data subject requests, and privacy risk assessments.
+ Monitor industry trends, regulatory changes, and emerging technologies that may impact privacy and data protection.

**Minimum Qualifications**

+ At least 12 years of experience focusing on global privacy/data protection law
+ At least 5 - 8 years of leadership experience in building, developing and managing the operational aspects of privacy compliance programs for technology companies
+ Passionate about global privacy and data protection law, as well as medical device technology policy more broadly
+ A passion for people management, strong management skills, and a commitment to fostering diversity, inclusion, and a strong sense of belonging
+ A commitment to provide high quality client service and a strong desire to build trusted advisor relationships with key clients and executives
+ Ability to draft policies, advise, and provide recommendations that are clear, concise, and human readable, including the ability to simplify complex legal and technical scenarios
+ High standards of integrity, a commitment to personal excellence, strong judgment, and intellectual curiosity that takes your understanding, work product and client relationships to the next level

**Preferred qualifications**

+ Master's degree or JD a plus
+ IAPP certification is a plus (CIPP-EU, CIPP-US, CIPM, CIPT, or similar)
+ Strong understanding of Enterprise IT systems, healthcare technology, connected device technology and cloud services
+ Knowledge of US federal and state privacy laws, such as the FTC Act, HIPAA, FCRA, GLBA, CAN-SPAM, COPPA, FERPA, VPPA, TCPA, BIPA, CCPA, CPRA, VCDPA, CPA, breach notification laws, and self-regulatory regimes (such as NAI and DAA).
+ Knowledge of global privacy laws, such as GDPR, China Data Protection Law, etc.
+ Experience conducting privacy assessments and working with clients to develop data maps/records of processing.
+ Strong drafting skills and experience developing privacy policies and procedures, privacy impact assessments, and data processing agreements.
+ Strong oral and written communication skills as well as comfort with analyzing and interpreting laws and regulations and providing practical, implementable advice.

The annualized base salary range for this role is $184,200 to $327,300 and is bonus eligible. Final compensation packages will ultimately depend on factors including relevant experience, skillset, knowledge, geography, education, business needs, and market demand.

**Why Hologic?**

We are committed to making Hologic the company where top talent comes to grow. For you to succeed, we want to enable you with the tools and knowledge required and so we provide comprehensive training when you join as well as continued development and training throughout your career.

If you have the right skills and experience, **apply today!**

\#LI-RF1 #SeniorDirector-level

Agency and Third Party Recruiter Notice: Agencies that submit a resume to Hologic must have a current executed Hologic Agency Agreement executed by a member of the Human Resource Department. In addition Agencies may only submit candidates to positions for which they have been invited to do so by a Hologic Recruiter. All resumes must be sent to the Hologic Recruiter under these terms or they will not be considered.

Hologic, Inc. is proud to be an Equal Opportunity Employer inclusive of disability and veterans.