Job Overview:
The Global Corporate Compliance & Privacy Counsel supports the design, implementation, and continuous improvement of Fortrea’s global compliance and privacy programmes. Working within a collaborative, team-based counsel model, the role helps maintain a consistent, regulator-ready framework across jurisdictions while serving as a subject matter expert in designated areas (e.g., investigations, third‑party risk, data transfers, incident response, AI governance). The Counsel provides practical, risk-based advice that translates legal requirements into operational controls and supports audits, inspections, and continuous improvement. Success looks like strong partnership with stakeholders, consistent standards and decision-making globally, and measurable reduction of compliance and privacy risk exposure.
Summary of Responsibilities:
- Collaborate with peer counsels to implement, and continuously improve the global compliance and privacy framework, including policies, standards, governance routines, and controls.
- Act as a subject matter expert in assigned domains including anti-bribery and corruption, Investigations and enforcement, third-party risk management, AI governance and emerging regulation, data privacy and protection (inc. PIPL) and provide escalation support on complex or high‑risk matters.
- Provide practical, risk-based legal advice to global stakeholders and translate regulatory requirements into implementable business processes and controls.
- Lead and/or support risk assessments and documentation, including compliance risk assessments, DPIAs, Transfer Impact Assessments (TIAs), and other reviews for new technologies, digital tools, and AI systems; document mitigations and track implementation.
- Support and/or lead internal investigations and incident response, including ethical concerns, conflicts of interest, fraud/corruption allegations, privacy incidents, and regulatory breaches; ensure consistent standards, escalation, documentation, remediation planning, and reporting obligations where required.
- Draft, review, and maintain global compliance and privacy policies, standards, templates, and guidance for approval by VP Corporate Compliance; ensure alignment with applicable laws and internal governance frameworks and maintain regulator-ready documentation.
- Oversee and optimise privacy operational processes, including data subject rights/DSAR governance, transparency documentation, and privacy notices; partner with operational teams to enable timely and compliant responses within your assign jurisdictional area.
- Advise on compliant cross-border data transfers and related mechanisms and monitor legal developments in your allocated domains affecting international data flows.
- Support third-party risk management by advising on due diligence frameworks, contractual requirements, and monitoring processes for high-risk vendors and engagements, including data processing and AI-enabled services.
- Contribute to risk monitoring, control testing, audit readiness, and regulatory inspection support; coordinate with Internal Audit, Quality, and other functions on reviews and remediation as necessary.
- Contribute to the continuous improvement of compliance systems, processes, and governance structures
- Support policy development, risk assessments, and guidance within assigned domains
- Co-develop and deliver training and awareness initiatives and promote a culture of integrity, compliance, and privacy-by-design across the organization as required.
- Support cross-border legal analysis and ensure alignment with local regulatory requirements
- Partner with key stakeholders including HR, IT, Operations and Quality functions to manage compliance risks.
- Work collaboratively with other counsels within the Compliance & Privacy legal team to enable consistent investigative standards, appropriate escalation and documentation and contribute to remediation planning and regulatory reporting where required.
- Co-develop global training and communication strategies with the compliance team and deliver targeted training in SME areas
- Promote a culture of integrity and ethical conduct across the organisationShare regulatory updates, enforcement trends, and best practices across the global legal team to ensure consistent interpretation and application of standards worldwide.
- Perform all other duties as needed or assigned.
- Whilst no travel is anticipated for this role, you may be asked to travel up to 10% of your role over the performance period.
Qualifications (Minimum Required):
- Qualified lawyer (China, Hong Kong, Japan, South Korea, Australia or New Zealand, or equivalent jurisdiction).
- Strong knowledge of global compliance and data protection frameworks (e.g., PIPL, APPI, PIPA) and ability to apply risk-based principles.
- Ability to translate complex legal requirements into practical, operational guidance;
- Strong documentation skills and comfort engaging with clients, vendors, regulators and auditors.
- Strong collaboration, stakeholder management, and influencing skills; sound judgment, high integrity, and ability to balance global consistency with local nuance.
- Comfort working in a matrixed, global team structure with shared ownership and consistent decision-making across regions and functions.
- Fluent in Mandarin and English
Experience (Minimum Required):
- 3-5 years’ experience in compliance, privacy, technology law, or regulatory roles.
- Demonstrated experience working in a multinational and/or highly regulated environment (e.g., life sciences, healthcare, technology, financial services).
- Demonstrated ability to operate in team-based, global compliance and privacy functions.
Preferred Qualifications Include:
- Relevant certifications preferred (e.g., CCEP, CIPP/E, CIPM, CIPT) and/or privacy/security standards familiarity (e.g., ISO 27701).
- Experience advising on cross-border data transfers and leading or supporting investigations and incident response.
- Familiarity with emerging regulation and governance in digital/AI systems and experience developing related standards, guidance, or due diligence materials.
- Experience in advising on regional sanction controls and their impacts on the business.
Physical Demands / Work Environment:
- Preferred office based but would consider a blended role with 1 day a week from home.
Office/Home-Based:
Work Environment:
- Work is performed in an office environment with exposure to electrical office equipment.
- Occasional drives to site locations with occasional travel both domestic and international.
Physical Requirements:
- Frequently stationary for 6-8 hours per day.
- Repetitive hand movement of both hands with the ability to make fast, simple, repeated movements of the fingers, hands, and wrists.
- Occasional crouching, stooping, with frequent bending and twisting of upper body and neck.
- Ability to access and use a variety of computer software developed both in-house and off-the-shelf.
- Light to moderate lifting and carrying, or moving of objects, including luggage and laptop computer with a maximum lift of 15-20 lbs.
- Regular and consistent attendance.
- Varied hours may be required.
Learn more about our EEO & Accommodations request here .