Senior Managing Counsel, Privacy & Cybersecurity (Americas)

Thank you for your interest in joining Solventum. Solventum is a new healthcare company with a long legacy of solving big challenges that improve lives and help healthcare professionals perform at their best. At Solventum, people are at the heart of every innovation we pursue. Guided by empathy, insight, and clinical intelligence, we collaborate with the best minds in healthcare to address our customers’ toughest challenges. While we continue updating the Solventum Careers Page and applicant materials, some documents may still reflect legacy branding. Please note that all listed roles are Solventum positions, and our Privacy Policy: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ applies to any personal information you submit. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Description:

At Solventum, we enable better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers’ toughest challenges, we pioneer game-changing innovations at the intersection of health, material and data science that change patients' lives for the better while enabling healthcare professionals to perform at their best. Because people, and their wellbeing, are at the heart of every scientific advancement we pursue.

We partner closely with the brightest minds in healthcare to ensure that every solution we create melds the latest technology with compassion and empathy. Because at Solventum, we never stop solving for you.

The Impact You’ll Make in this Role

The Sr. Managing Counsel, Privacy & Cybersecurity (USAC & LATAM) will lead the legal support for privacy and cybersecurity efforts across the company’s USAC and LATAM operations.  The role involves advising and collaborating with the IT, cybersecurity, business and functional teams, and external partners to manage legal risks related to data security and privacy.  This position will play a key role in strengthening the company's security posture, ensuring compliance, and overseeing security and compliance assessments across applications, processes, products, and vendors.  The Sr. Managing Counsel will report to the Chief Privacy Officer and the Vice President of Information and Digital, based in the United States.
•    Provide expert legal counsel to Privacy and Cybersecurity teams to ensure compliance with contractual commitments and regulatory obligations related to data privacy and security. 
•    Conduct privacy and data protection impact assessments to ensure sensitive health data is used in compliance with privacy regulations and contractual rights. 
•    Advise cybersecurity teams on incident response and investigations, ensuring proper documentation to minimize risks, protect privacy, and fulfill legal obligations during and after security incidents. 
•    Collaborate with Procurement and business contracting teams to draft, negotiate, and maintain privacy/data protection terms in contracts and agreements. 
•    Lead the company’s legal response to product vulnerabilities, information security breaches, and cyber events, including advising on regulatory notifications at federal, state, and international levels. 
•    Counsel IT operations, security teams, and business units on developing and implementing cybersecurity plans, incident response strategies, and compliance with industry standards and regulations. 
•    Work closely with Cybersecurity, Procurement, and Legal teams to manage third-party risks, including creating contract templates, negotiation frameworks, and advising on third-party audits and assessments.
•    Advise on the de-identification, pseudonymization, and anonymization of sensitive health data. 
•    Provide guidance to business and product teams on data handling requirements based on sensitivity and compliance standards. 
•    Implement “privacy by design” principles in product development processes and contribute to product risk assessments. 
•    Stay informed on emerging global regulatory requirements impacting data privacy and security and advise the business accordingly. 
•    Develop and provide legal content for privacy training programs, awareness campaigns, and compliance with sensitive health information handling requirements.

Your skills & Expertise

To set you up for success in this role from day one, Solventum requires (at a minimum) the following qualifications:

• Juris Doctor (JD) from an accredited law school or Law degree

• 8 years of experience in data privacy and cybersecurity law, ideally within the life sciences, healthcare, medical devices, or similarly regulated industries

• Expertise in US data privacy laws and regulations, including HIPAA and US state consumer privacy laws (e.g., CCPA, CPA, etc.).

• Expertise in advising on cybersecurity, including product vulnerability, incident response, and legal obligations arising from privacy and security incidents

• Experience in advising on cybersecurity standards such as PCI DSS, the NIST Cybersecurity Framework, and the NIS2 Directive.

Additional qualifications that could help you succeed even further in this role include:

• Experience in Canada and LATAM data privacy laws and regulations, including LGPD, PIPEDA and the Privacy Act.

• Familiarity with medical device regulations (FDA, FD&C Act) related to data privacy and security is a plus.

• Experience managing HIPAA compliance programs and addressing legal issues related to health data.

• Experience working with IT systems, data management, and collaborating with both technical teams and senior leadership.

• Excellent written, verbal, and presentation skills, with the ability to communicate complex legal matters in a clear, concise manner to non-legal stakeholders.

• Strong analytical and strategic thinking skills, with the ability to solve complex legal challenges.

• Highly organized, detail-oriented, and committed to maintaining high ethical standards and professionalism.

• Proven ability to prioritize multiple projects and work under tight deadlines in a fast-paced, dynamic environment.

• Expertise in global data privacy laws (including GDPR) and AI laws (including EU AI Act).

• Relevant privacy and cybersecurity certifications (e.g., CIPP/US, AIGP, CIPP, CIPM, CIPP/E, CIPT, CHPS, CHPC, CISSP) are preferred but not required.

• Extensive experience in negotiating and drafting technology transactions and data protection agreements with customers, vendors, and partners.

• Ability to manage legal and regulatory compliance across diverse frameworks.

• Proven leadership skills with the ability to engage with internal stakeholders and lead significant projects.

• High responsiveness and client-focused, with an ability to manage and nurture strong internal relationships.

• Preference for experience working within or with the life sciences industry.

Work location: Remote - United States

Travel: May include up to 20% domestic travel

Relocation Assistance: Not authorized

Must be legally authorized to work in the country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being 

Solventum offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, Solventum regularly benchmarks with other companies that are comparable in size and scope. 

Applicable to US Applicants Only:The expected compensation range for this position is $207,348 - $253,425, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.solventum.com/en-us/home/our-company/careers/#Total-Rewards

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process.  Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers.

Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com. Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains.

Please note, Solventum does not expect candidates in this position to perform work in the unincorporated areas of Los Angeles County.

Solventum is an equal opportunity employer.  Solventum  will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

Solventum Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Solventum are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the
terms.