Associate Counsel, Global Privacy and Data Protection

About The Position

Requirements

• 2 or more years of work experience with a Bachelor’s Degree or an Advanced Degree (e.g. Masters, MBA, JD, MD, or PhD)
• Juris Doctor degree from an accredited law school.
• Current member in good standing of a State Bar with the ability to become barred or a registered in-house counsel in the state where this role is located.
• Strong academic credentials.

Nice To Haves

• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
• 4 or more years of experience providing legal advice on incident response and breach reporting, cyber-related contract terms, and cybersecurity regulatory issues (e.g., SEC cybersecurity disclosure rules, NYDFS Part 500, GLBA safeguards rules, EU DORA regulations, Australia’s SOCI Act).
• Familiarity with widely-accepted cybersecurity standards and frameworks, such as NIST’s Cybersecurity Framework or ISO 27002.
• Experience negotiating cybersecurity and data governance terms in contracts with vendors and clients.
• Understanding of and experience with Privacy Enhancing Technologies.
• Understanding of global legal frameworks or financial services regulatory environments, particularly those in Latin America/Caribbean, Middle East, Africa, or Asia-Pacific regions.
• Professional proficiency in Spanish.
• Ability to manage multiple priorities in a fast-paced, time-sensitive, and challenging but highly rewarding environment.
• Excellent judgment, strong analytical, problem-solving, client counseling, and negotiation skills.
• Excellent written and verbal communication skills, with the ability to clearly and easily present complex topics and ideas to senior leaders.
• Self-motivated and entrepreneurial, and a confident, forward-thinking, creative, optimistic, curious, and collaborative team player.

Responsibilities

• Track and analyze new and current laws and regulations and advise the business on cybersecurity, data governance, and data protection obligations around the world.
• Help manage Visa’s privacy incident response program, revise incident playbooks, advise on process improvements, and review/triage reported potential privacy incidents.
• Work closely with global, cross-functional teams, including senior management, and collaborate with product, regulatory, and regional counsel to provide comprehensive legal advice on cybersecurity and data governance strategy and policy to support operations, diligence on and integration of newly acquired companies, and new initiatives across all business lines and regions.
• Draft, negotiate, and advise the business on the cybersecurity and data governance aspects of contracts and advise the third-party technology risk team on the vendor risk management program.
• Counsel Visa’s cyber defense team in connection with potential cyber and privacy incidents, including response, remediation, reporting, and legal risks and requirements.
• Advise on Visa’s compliance with the rules issued under Executive Order 14117 (Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern) and similar data export and localization regulations.
• Guide the continued improvement of Visa’s global cybersecurity and privacy program, with a focus on Privacy Enhancing Technologies.
• Coordinate with outside counsel as necessary with respect to data protection and cybersecurity matters.

Benefits

• Medical
• Dental
• Vision
• 401 (k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program