Job Description

Band

Level 5# Hybrid

Location: Basel, Switzerland or Munich or Nuremberg Germany

There are separate requisitions for Switzerland and Germany—please make sure you apply to the correct role for your preferred base location

Relocation: This role is based in Munich or Nuremberg-Germany. Novartis is unable to offer relocation support—please apply only if this location is accessible for you.

At Novartis, data and AI are helping us reimagine medicine—while trust remains non negotiable. As Head Data Privacy & AI Compliance for Switzerland and Germany, you will enable innovation responsibly by making sure our teams can use data and AI confidently, ethically, and in line with evolving regulations. You will lead the country DPDAI agenda, guide senior stakeholders on practical solutions, and provide clear assurance through strong risk management and governance—helping protect patients, employees, and partners every day.

• Lead DPDAI for Switzerland and Germany, ensuring strong local implementation of Novartis’ global Data Privacy & AI program.
• Manage and develop the German DPDAI team; set clear priorities, ways of working, and delivery standards.
• Serve as Data Privacy Officer for the Swiss Novartis entities.
• Partner with business and functional leaders to enable responsible data and AI use—providing clear, pragmatic regulatory advice.
• Translate global policies and standards into practical country guidance (e.g., consent, secondary use, retention/destruction, and cross‑border transfers).
• Act as the first point of contact for interpretation and application of group‑wide DPDAI policies, procedures, and guidelines.
• Horizon‑scan for emerging privacy and AI legislation; assess impact and drive timely country adoption of required changes.
• Own the country DPDAI risk strategy—identify, assess, and escalate key risks through governance channels, including senior leadership reporting where needed.
• Oversee privacy notices, procedures, training, and response processes (e.g., access requests and complaints) in line with global standards.
• Maintain evidence and risk/control documentation in OneTrust and related frameworks, enabling timely remediation by the business.
• Represent Novartis in relevant industry groups and associations on privacy and AI topics.

Requirements

Essential

• Law degree or business degree with executive education in data privacy (Swiss and German context).
• Proven people leadership experience.
• Deep knowledge of global data privacy and AI regulatory regimes and how to apply them in practice.
• Hands‑on experience designing and running privacy/AI compliance programs, controls, and governance.
• Ability to operate effectively in complex, multi‑country regulatory environments.
• Strong stakeholder management and influencing skills across business and functional teams.
• Fluent in German and English.

Desirable

• Experience in an international law firm and/or in a data privacy & AI compliance function within a multinational organisation.
• Relevant certifications (e.g., CIPP/E, CIPM, AIGP, or AI ethics/compliance credentials).
• Experience in the pharmaceutical, life sciences, or healthcare sector.

Commitment to Diversity & Inclusion:

Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Adjustments for Applicants with Disabilities:

The law provides for severely disabled / equal applicants the opportunity to involve the local representative body for disabled employees (SBV) in the application process. If you would like to request this, please let us know in advance as a note on your CV.

Skills Desired

Auditing, Business Continuity Management (BCM), Business Networking, Computer Clusters, Electronic Components, Internal Auditing, Law (Legal System), Market Risk, Operational Risks, Operation Risk Management, People Management, Regulatory Compliance Management, Risk Assessments, Risk Compliance (Inactive), Risk Management, Software Frameworks