Job Description Summary

#LI-Hybrid
Location: Home Worker, UK or Barcelona, Spain

We're looking for a visionary legal leader to join us as Global Head AI and Data Privacy Legal, where you'll shape the future of Artificial intelligence (AI), data privacy (including data privacy in cybersecurity incidents) across the organization. This role involves providing and organizing legal advice to support compliance with global data privacy regulations (including EU AI Act, FTC, HIPAAA and state AI regulations, GDPR, CCPA, and other relevant legislation), to support the development and implementation of AI and data privacy policies and procedures and providing legal guidance in these areas.

Job Description

Key Responsibilities:

• Leadership and Management: Lead and manage the global Data Privacy and AI Legal team, providing direction, mentorship, and development opportunities. Ensure a close working relationship with the Novartis Data Privacy, Digital & AI (DPDAI) function (which resides in the Ethics Risk and Compliance (ERC) function), within Legal and across the enterprise.
• Policy Development: Contribute to Enterprise AI Governance and support the development, implementation, and maintenance of AI and data privacy policies and procedures to ensure a responsible use of AI, protect personal data. Track evolving global AI and data privacy laws (e.g., EU AI Act, OECD AI principles, US AI laws, UK DPDI) and translate requirements into actionable guidance.
• Strategic Legal Guidance: Provide and organize expert legal advice and guidance on AI use cases and data privacy issues to internal stakeholders, including senior management, ERC, IT, and P&O. Manage outside counsel for advice on AI and data privacy legal issues as needed.
• Risk Management: Support the identification and mitigation of AI, data privacy and cybersecurity risks conducting regular assessments in close collaboration with DPDAI, IT and business teams.
• Training and Awareness: Support the development and delivery of training programs to educate employees on AI and data privacy best practices and legal requirements.
• Incident Response: Lead and support the legal response to AI-related incidents, date privacy data breaches (including in and cybersecurity incidents), ensuring timely and effective resolution.
• Collaboration: Collaborate with cross-functional teams, including ERC, IT, security, P&O, Legal and the business to ensure an integrated approach to AI and data privacy. Collaborate to influence policy/legislation, including within trade associations, and update senior management on AI and data privacy legal developments. Represent the company in global regulatory discussions, industry groups, and associations on AI and data privacy matters.
• Reporting: Prepare and present reports on AI and data privacy compliance and incidents to senior management and regulatory authorities.

Essential Requirements:

• University degree in law; admission to the bar highly preferred.
• Proven working experience on AI (in particular in relation to the EU AI Act) and data privacy, including in cybersecurity matters and ethics in a multi-disciplinary and international setting, as well as significant experience assessing AI systems from a legal and compliance perspective (including risk categorization, audit requirements, transparency obligations, and lifecycle governance).
• Several years of experience in leading a team of lawyers.
• Excellent leadership, communication, and analytical skills paired with the ability to manage complex legal issues and provide clear, actionable advice.
• Relevant certifications such as certifications related to AI ethics, compliance, and CIPP/E, CIPP/US, CIPM are required.
• Strong ethical standards and integrity.
• Ability to work in a fast-paced, dynamic environment.
• Proficiency in English (written and spoken).

Desirable Requirements:

• Experience in a multinational company. Experience in the healthcare and/or tech sectors is preferred.

Commitment to Diversity and Inclusion:

Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Skills Desired