Counsel II

Job Description – Counsel II – Privacy, AI, and Data Governance (Remote)Reporting to the Assistant General Counsel, Privacy, AI, and Data Governance, this Counsel II position provides legal and operational guidance to Omnicell's data privacy, information security, artificial intelligence, and data governance programs and stakeholders. Responsibilities include (i) developing and implementing comprehensive privacy, AI, and data governance frameworks; (ii) ensuring compliance with evolving data protection, security, and AI regulations across multiple jurisdictions; (iii) serving as a trusted business partner to engineering, security, compliance, IT, and other internal stakeholders; (iv) managing vendor risk assessments and leading negotiations on data processing agreements, security terms, and AI-related contracts; and (v) ensuring that Omnicell's Privacy by Design frameworks are maintained and continue to evolve in accordance with future business needs and regulatory developments. Successful candidates will be both results-driven and client-focused.ResponsibilitiesDevelop, implement, and maintain privacy policies, procedures, and compliance programs in accordance with applicable global data protection lawsMonitor emerging legislation and regulatory guidance related to privacy, cybersecurity, and AI; assess impact on business operations and recommend compliance strategiesFormalize and maintain legal artifacts including policies, procedures, templates, playbooks, and guidance documents for privacy, cybersecurity, and AI governanceSupport cybersecurity legal initiatives, including contract negotiations for security terms, incident response planning, regulatory breach notifications, and coordination with information security teamsDevelop and advance Omnicell's AI governance framework, including conducting risk assessments and reviews for AI systems, ensuring compliance with emerging AI regulations, and implementing ethical AI principlesConduct Data Protection Impact Assessments, Algorithmic Impact Assessments, and security risk assessments for new technologies, systems, and business initiativesProvide strategic legal counsel on data governance initiatives, including data classification, retention, cross-border transfers, and data subject rights managementCoordinate incident response activities for data breaches and security incidents, including regulatory notifications and customer communicationsNegotiate complex data and technology transactions, including data processing agreements, business associate agreements, security exhibits, and AI-related contractual provisionsCollaborate with training teams to develop and deliver data privacy, security, and AI governance training programs for employees and stakeholdersRequired Knowledge & SkillsStrong initiative and willingness to learn and develop new skillsAbility to identify complex legal and regulatory issues and offer pragmatic, actionable solutionsExperience working within fast-growing technology companies and adaptability to evolving business policies and proceduresDeep understanding of privacy laws and cybersecurity regulatory frameworksKnowledge of AI governance principles and emerging AI regulationsEffective interpersonal and problem-solving skillsStrong contract negotiation skills with specific experience in data processing agreements, security terms, and technology transactionsAbility to translate complex technical and legal concepts for diverse audiencesAbility to independently set and communicate prioritized goals and timelines to internal stakeholdersHighly organized with strong attention to detailBasic QualificationsJ.D.; member in good standing of a state BarCIPP/US or CIPP/E (both preferred)5+ years of experience in either a law firm or in-house legal department providing counsel on data privacy, cybersecurity, and AI regulations, including regulatory compliance, complex data or technology transactions, and incident responseSubstantial experience collaborating with cross-functional teams including IT, security, engineering, and compliancePreferred QualificationsCIPM, AIGP, or other relevant privacy/cybersecurity certificationsHealthcare industry experienceKnowledge of information security frameworks (NIST, ISO 27001, SOC 2)Familiarity with AI/ML technologies and their legal implicationsExperience with AI governance and emerging technology legal issuesExperience with regulatory examinations and auditsWork ConditionsFlexibility in working hours as neededSome travel, ~10%