Description:
What's the opportunity?An American Software Company's Legal team is seeking a dedicated counsel to lead the company's program on Data Protection and manage legal matters involving privacy and cybersecurity, as well as help support other Compliance and Product-led initiatives. Reporting to the Sr. Director of Compliance & DPO, this role will advise and partner with our engineering, product, security, sales, marketing and other teams throughout the organization to manage legal risk and compliance with global privacy and cybersecurity laws and regulations. You will develop and effectuate strategies and initiatives that focus on building a scalable privacy and security program, as well as educate and train key stakeholders on prioritizing Data Protection as a core value for An American Software Company. Furthermore, you will help develop and evolve other legal and regulatory compliance initiatives involving subjects such as artificial intelligence.
What will I be doing?
- Provide a wide range of subject matter expertise and resource on privacy, security and Data Protection
- Work with teams worldwide on various privacy, security and compliance initiatives
- Partner very closely with your colleagues on An American Software Company's legal team on a number of cross functional projects with privacy and regulatory compliance implications
- Draft external notices and disclosures, and manage/update Data Protection and privacy related internal and external policies and procedures to ensure compliance with global laws and regulations related to Data Protection
- Provide guidance and interpretation on legal requirements to the engineering and product teams with respect to existing and new product features and functionality for privacy-by-design and security-by-design initiatives
- Respond to customer, vendor and employee questions about their individual data rights and An American Software Company's processing activities as well as An American Software Company's data management practices and policies
- Draft and manage Data Protection impact assessments
- Own data-related contractual templates, such as Data Processing Addendum, Business Associate Agreement, Information Security Addendum, etc. and train Commercial Legal team on negotiation playbook and regulatory updates
- Analyze privacy law developments and provide analysis and guidance for implementation into business processes
- Counsel and advise commercial teams and business partners on Data Protection related provisions in contracts
- Keep up with industry guidelines and best practices on data management and how they apply to An American Software Company's offerings
- Support projects in other key Data Protection-related compliance areas such as our Code of Conduct, new product analyses and initiatives, risk management, cyber insurance and security incidents.
- 5-10 years relevant experience as an attorney with a law firm or in-house legal department advising a multinational SaaS company on global data privacy regulation and laws
- Deep experience with global privacy regulations, which include GDPR, the ePrivacy Directive and CCPA-CPRA. Working understanding of Australian Privacy Act, HIPAA, PIPEDA and desire to learn LGPD and upcoming regulations
- Working understanding of the EU AI Act and other developing regulatory laws associated with AI data governance
- Foundational knowledge of key security programs such as SOC2, ISO and HIPAA
- CIPP/E or CIPP/US certification
- A level of comfort in influencing and educating an organization on the importance of privacy and implementation of privacy initiatives, and capable of gaining respect of senior leaders in the organization
- An ability to multi-task which includes handling a variety of legal issues simultaneously
- Attention to detail, a sense of passion to support An American Software Company's privacy initiatives and the versatility and confidence to take on challenges that are presented to you
- Strong familiarity and curiosity about emerging technologies such as artificial intelligence, network and cyber security, infrastructure resiliency and cloud computing
- Ability to express sophisticated ideas in easily understandable and effective ways
- Agility in handling conflict and creating/influencing/implementing policies and procedures
- Illinois state bar licensed attorney or ability to be registered as in-house counsel if licensed in another jurisdiction