Assistant General Counsel, Privacy & Data Protection

About The Position

Requirements

• 5+ years of relevant experience (i.e., with a primary focus on privacy and data protection) gained at law firm and in-house (at a publicly traded company).
• Active bar membership in good standing in at least one U.S. jurisdiction (or equivalent foreign qualification), with ability to practice in the role’s location as required.
• Deep expertise in global privacy and data protection laws and frameworks, including GDPR/UK GDPR, U.S. state privacy laws (e.g., CCPA/CPRA), and other international regimes.
• Proven capability to manage high-volume, complex environments with sound judgment and adaptability.
• Fosters inclusivity and manages emotions to achieve optimal business outcomes.
• Able to effectively pivot direction and collaborate across teams to meet strategic initiatives.
• Exceptional business judgment and legal issue identification skills, coupled with strong problem-solving abilities.
• Adept at articulating business needs and defining actionable strategies.
• Actively seeks input from diverse sources to ensure engagement and influence stakeholder buy-in at all levels.
• Excellent communication and interpersonal skills, with a demonstrated a passion for the business.
• Provides clear, concise advice, and creative solutions where necessary, on established timelines to meet business needs that appropriately manage risk.
• Operates autonomously while also being a collaborative team player who brings a positive, “can do” attitude to the workplace.
• Works effectively with other members of the legal and compliance team, internal clients, and cross-functional organizations to influence and develop strategic initiatives.

Nice To Haves

• Privacy or AI certifications a plus.
• Experience supporting data-intensive environments, data/technology-driven products, digital platforms, or AI-enabled services.
• Experience with change management.
• Experience leading or supporting transformation initiatives or high-growth environments.

Responsibilities

• Act as a subject matter expert on privacy and data protection, providing practical, timely, and strategic legal advice across the business.
• Proactively monitor and assess emerging privacy, cybersecurity, and AI regulations (horizon scanning), advising on their potential business impact and readiness planning.
• Influence the strategic implementation of privacy and data protection requirements across products, services, and internal operations.
• Identify problems and support solutions-based practices by using existing precedents or procedures, including creating legal gap analysis of new data protection laws and regulations.
• Support and drive incident response efforts, including on breach notification, investigations, eDiscovery and regulatory exposure.
• Provide guidance to the IT and InfoSec team on data protection matters.
• Maintain and draft contract template language related to data privacy, data protection, and information governance across the enterprise, including vendor, commercial, and M&A contracts.
• Provide privacy guidance and support to commercial, corporate and procurement attorneys on the negotiation of commercial and vendor DPAs.
• Work with various stakeholders across the company to ensure controls, such as vendor due diligence controls, are compliant with applicable law.
• Lead or support global privacy program initiatives, including the development, implementation, and improvement of policies, procedures, standards, templates, and playbooks.
• Draft, review, and maintain internal privacy policies and procedures, as well as external privacy notices, consent language, and disclosures, collaborating and advising the Compliance team where applicable.
• Support the Compliance team on delivering effective privacy training and communications for legal and non-legal audiences across regions, functions, and levels.
• Promote a strong culture of privacy awareness and accountability throughout the organization.

Benefits

• annual incentive plan
• additional S&P Global benefits