Work Schedule

Environmental Conditions

Job Description

Thermo Fisher Scientific is seeking a dedicated and strategic Senior Privacy Specialist, Corporate Counsel to join our Global Privacy and Technology Office (GPTO). This role provides the chance to collaborate with both business and legal teams across a diverse range of technologies and services. The ideal candidate will bring experience advising on privacy matters in highly regulated environments, such as pharmaceutical or clinical research, and will have a pragmatic approach to solving complex problems.

We seek a candidate who is inquisitive, enthusiastic about taking on challenges, and passionate about encouraging innovation while maintaining privacy and ethical data practices!

How You Will Make an Impact

The main duty of the Senior Privacy Specialist position is to maintain the organization's consistency with privacy and data security regulations on a global scale. They must have the capacity to lead and take ownership of multiple projects and work independently, but to also be confident enough to raise concerns where appropriate.

This individual will:

• Provide clear, actionable legal guidance on global data protection laws, regulations, and standards (e.g., GDPR, CCPA/CPRA, HIPAA).
• Draft, review, and negotiate data protection terms in global agreements, including client/vendor contracts, business associate agreements (BAAs), and agreements for the transfer of data.
• Identify and analyze potential privacy risks and assist in conducting risk evaluations (e.g., DPIAs, assessments related to HIPAA security).
• Collaborate with teammates on privacy-by-design initiatives for innovative technology, digital health tools, or artificial intelligence systems.
• Work closely with collaborators in Legal, IT, and Commercial teams to integrate privacy into systems and processes.
• Advise on and be responsible for the full lifecycle of subject access requests and other individual rights under applicable privacy laws.
• Support the company’s HIPAA Privacy Officer in implementing and maintaining HIPAA-compliant policies, procedures, and training.
• Be responsible for legal developments and provide timely updates to business partners and legal colleagues regarding relevant changes in data protection law.
• Partake in sharing knowledge and developing standard methodology across the GPTO.

Keys to Success

Education and Knowledge

• Juris doctorate degree or equivalent.
• Active license to practice law in at least one jurisdiction.
• Certifications such as IAPP (CIPP/E, CIPP/US, CIPM) desirable.
• Fluency in business English required; proficiency in other languages is a plus.

Experience

• Must have 4–6 years of expertise in safeguarding information and upholding privacy laws, with a preference for experience in a multinational corporation or regulated sector.
• Strong solid grasp of global privacy frameworks, including HIPAA and data transfer mechanisms (e.g., SCCs, TIAs).
• Experience performing and advising on Data Protection Impact Assessments (DPIAs), Transfer Impact Assessments (TIAs), or HIPAA Security Risk Assessments.
• Proven skill in coordinating complex projects with multiple collaborators across jurisdictions.
• Skilled in simplifying legal issues and presenting risk in practical, business-friendly terms.
• Familiarity and understanding of privacy management platforms such as TrustArc or OneTrust.
• Self-starter with strong judgment and a collaborative mentality.
• Passion for continuous learning and creative problem-solving.