Executive Director, Global Privacy

Revolution Medicines is a late-stage clinical oncology company developing novel targeted therapies for patients with RAS-addicted cancers. The company’s R&D pipeline comprises RAS(ON) inhibitors designed to suppress diverse oncogenic variants of RAS proteins. The company’s RAS(ON) inhibitors daraxonrasib (RMC-6236), a RAS(ON) multi-selective inhibitor; elironrasib (RMC-6291), a RAS(ON) G12C-selective inhibitor; zoldonrasib (RMC-9805), a RAS(ON) G12D-selective inhibitor; and RMC-5127, a RAS(ON) G12V-selective inhibitor, are currently in clinical development. As a new member of the Revolution Medicines team, you will join other outstanding professionals in a tireless commitment to patients with cancers harboring mutations in the RAS signaling pathway. The Opportunity: RevMed is seeking an experienced privacy executive to support RevMed’s business.  The Executive Director, Global Privacy will lead the strategy, development, and execution of the company’s Privacy Program, ensuring all activities are conducted ethically and in accordance with applicable laws, regulations, and industry codes. This attorney will be instrumental in shaping and sustaining a culture of integrity as the company advances and commercializes its oncology pipeline. The Executive Director, Global Privacy is a senior leader responsible for driving the organization’s global privacy strategy, governance, and compliance framework. This role ensures that all business activities involving personal data are conducted ethically and in compliance with applicable international laws, regulations, and industry standards. Reporting to the Vice President, Compliance, this role serves as a key advisor to the General Counsel (GC) and other senior executives on global privacy, data protection, and responsible data use, while fostering a culture of privacy-by-design across all business functions worldwide. The position can be based in the US or Switzerland. Key responsibilities include: Strategic Leadership & Governance Lead the development and execution of a comprehensive global privacy strategy aligned with business objectives and the broader compliance program. Serve as a senior advisor to the General Counsel (GC) and other senior executives on global privacy risks, regulatory developments, and data governance. Establish and maintain enterprise-wide global privacy governance frameworks, policies, and standards. Design the Global Privacy team structure and operating model leveraging both regional and global resources, support design and implementation of technology-enabled systems and processes for regional adaptation where appropriate and recruit a high-performing team. Provide regular updates to the General Counsel and other senior executives on global privacy program performance, risks, and mitigation strategies. Global Privacy Program Management Design, implement, and continuously enhance a global privacy program aligned with international laws and best practices. Ensure alignment of the privacy program with the company’s overall compliance framework and enterprise risk management approach. Ensure compliance with global privacy and data protection regulations, including GDPR, UK GDPR, HIPAA, CCPA/CPRA, and other applicable international and local laws. Oversee Data Privacy Impact Assessments (DPIAs), cross-border data transfer mechanisms, and global risk assessments. Monitor and report on privacy metrics, trends, and program effectiveness across regions. Clinical and Commercialization Data-Driven Activities Serve as the primary privacy lead for all clinical trial-related activities, including data collected from clinical sites, investigators, and patients. Partner with R&D and clinical teams to ensure compliant handling of sensitive clinical and health data. Collaborate with Commercialization teams to advise on processes, controls, and risks related to data-driven activities, including analytics, digital initiatives, and commercialization strategies. Operational Integration Embed privacy-by-design and privacy-by-default principles into systems, products, and business processes globally. Partner cross-functionally with Compliance, Legal, IT Security, R&D, HR, and Commercial teams across regions. Support global initiatives involving sensitive data, including clinical, digital, and analytics-driven programs. Work closely with HR and Information Security (IS) to address employee and internal data privacy matters, including monitoring, investigations, and governance of workforce data. Risk Management, Investigations & Incident Response Lead or oversee global privacy incident response, including breach assessment, notification, and remediation across jurisdictions. Lead and/or oversee privacy-related investigations, including internal reviews and regulatory-driven inquiries. Collaborate with Compliance and Information Security to ensure consistent global controls and preparedness. Identify, assess, and mitigate global privacy risks in alignment with enterprise risk management priorities. Regulatory & External Engagement, Third-party & Contractual Oversight Serve as a key point of contact for global data protection authorities and regulators, in coordination with Compliance and Legal. Support global regulatory inquiries, audits, and inspections related to privacy. Oversee global privacy due diligence and risk management for third-party vendors and partners. Own and maintain privacy-related standards across the organization, including templates and playbooks. Review, negotiate, or oversee negotiation of privacy and data protection terms in contracts, including data processing agreements (DPAs), standard contractual clauses (SCCs), and related provisions. Ensure consistent and appropriate privacy language across all contractual forms and third-party engagements. Training, Culture & Awareness Develop and deliver global privacy training and awareness pro