Job Overview:

The Global Corporate Compliance & Privacy Counsel supports the design, implementation, and continuous improvement of Fortrea’s global compliance and privacy programmes. Working within a collaborative, team-based counsel model, the role helps maintain a consistent, regulator-ready framework across jurisdictions while serving as a subject matter expert in designated areas (e.g., investigations, third‑party risk, data transfers, incident response, AI governance). The Counsel provides practical, risk-based advice that translates legal requirements into operational controls and supports audits, inspections, and continuous improvement. Success looks like strong partnership with stakeholders, consistent standards and decision-making globally, and measurable reduction of compliance and privacy risk exposure.

Summary of Responsibilities:

• Collaborate with peer counsels to implement, and continuously improve the global compliance and privacy framework, including policies, standards, governance routines, and controls.
• Act as a subject matter expert in assigned domains including anti-bribery and corruption, Investigations and enforcement, third-party risk management, AI governance and emerging regulation, data privacy and protection (inc. PIPL) and provide escalation support on complex or high‑risk matters.
• Provide practical, risk-based legal advice to global stakeholders and translate regulatory requirements into implementable business processes and controls.
• Lead and/or support risk assessments and documentation, including compliance risk assessments, DPIAs, Transfer Impact Assessments (TIAs), and other reviews for new technologies, digital tools, and AI systems; document mitigations and track implementation.
• Support and/or lead internal investigations and incident response, including ethical concerns, conflicts of interest, fraud/corruption allegations, privacy incidents, and regulatory breaches; ensure consistent standards, escalation, documentation, remediation planning, and reporting obligations where required.
• Draft, review, and maintain global compliance and privacy policies, standards, templates, and guidance for approval by VP Corporate Compliance; ensure alignment with applicable laws and internal governance frameworks and maintain regulator-ready documentation.
• Oversee and optimise privacy operational processes, including data subject rights/DSAR governance, transparency documentation, and privacy notices; partner with operational teams to enable timely and compliant responses within your assign jurisdictional area.
• Advise on compliant cross-border data transfers and related mechanisms and monitor legal developments in your allocated domains affecting international data flows.
• Support third-party risk management by advising on due diligence frameworks, contractual requirements, and monitoring processes for high-risk vendors and engagements, including data processing and AI-enabled services.
• Contribute to risk monitoring, control testing, audit readiness, and regulatory inspection support; coordinate with Internal Audit, Quality, and other functions on reviews and remediation as necessary.
• Contribute to the continuous improvement of compliance systems, processes, and governance structures
• Support policy development, risk assessments, and guidance within assigned domains
• Co-develop and deliver training and awareness initiatives and promote a culture of integrity, compliance, and privacy-by-design across the organization as required.
• Support cross-border legal analysis and ensure alignment with local regulatory requirements
• Partner with key stakeholders including HR, IT, Operations and Quality functions to manage compliance risks.
• Work collaboratively with other counsels within the Compliance & Privacy legal team to enable consistent investigative standards, appropriate escalation and documentation and contribute to remediation planning and regulatory reporting where required.
• Co-develop global training and communication strategies with the compliance team and deliver targeted training in SME areas
• Promote a culture of integrity and ethical conduct across the organisationShare regulatory updates, enforcement trends, and best practices across the global legal team to ensure consistent interpretation and application of standards worldwide.
• Perform all other duties as needed or assigned.
• Whilst no travel is anticipated for this role, you may be asked to travel up to 10% of your role over the performance period.

Qualifications (Minimum Required):

• Qualified lawyer (China, Hong Kong, Japan, South Korea, Australia or New Zealand, or equivalent jurisdiction).
• Strong knowledge of global compliance and data protection frameworks (e.g., PIPL, APPI, PIPA) and ability to apply risk-based principles.
• Ability to translate complex legal requirements into practical, operational guidance;
• Strong documentation skills and comfort engaging with clients, vendors, regulators and auditors.
• Strong collaboration, stakeholder management, and influencing skills; sound judgment, high integrity, and ability to balance global consistency with local nuance.
• Comfort working in a matrixed, global team structure with shared ownership and consistent decision-making across regions and functions.
• Fluent in Mandarin and English

Experience (Minimum Required):  

• 3-5 years’ experience in compliance, privacy, technology law, or regulatory roles.
• Demonstrated experience working in a multinational and/or highly regulated environment (e.g., life sciences, healthcare, technology, financial services).
• Demonstrated ability to operate in team-based, global compliance and privacy functions.

Preferred Qualifications Include:

• Relevant certifications preferred (e.g., CCEP, CIPP/E, CIPM, CIPT) and/or privacy/security standards familiarity (e.g., ISO 27701).
• Experience advising on cross-border data transfers and leading or supporting investigations and incident response.
• Familiarity with emerging regulation and governance in digital/AI systems and experience developing related standards, guidance, or due diligence materials.
• Experience in advising on regional sanction controls and their impacts on the business.

Physical Demands / Work Environment:

• Preferred office based but would consider a blended role with 1 day a week from home.

Office/Home-Based:

Work Environment:

• Work is performed in an office environment with exposure to electrical office equipment.
• Occasional drives to site locations with occasional travel both domestic and international.

Physical Requirements:

• Frequently stationary for 6-8 hours per day.
• Repetitive hand movement of both hands with the ability to make fast, simple, repeated movements of the fingers, hands, and wrists.
• Occasional crouching, stooping, with frequent bending and twisting of upper body and neck.
• Ability to access and use a variety of computer software developed both in-house and off-the-shelf.
• Light to moderate lifting and carrying, or moving of objects, including luggage and laptop computer with a maximum lift of 15-20 lbs.
• Regular and consistent attendance.
• Varied hours may be required.

Learn more about our EEO & Accommodations request here.