Attorney - Privacy

About The Position

Requirements

• Juris Doctor (JD) and active bar membership required
• 3+ years of relevant experience in mergers and acquisitions, corporate transactions and/or complex commercial contract negotiation with a combination of in-house and private firm experience. (Insurance/financial services experience highly preferred)
• Demonstrated experience advising on privacy laws applicable to insurance and financial services (GLBA, HIPAA, CCPA) and associated privacy/compliance requirements.
• Hands-on experience drafting, reviewing and negotiating data protection agreements, including DPAs and BAAs as well as contracts and other associated privacy documentation.
• Excellent verbal and written communication skills which allow you to collaborate effectively with legal colleagues and cross‑functional partners to deliver strong outcomes.
• Ability to translate complex legal issues into meaningful and relevant communications for stakeholders outside the legal team.
• Demonstrated history of working closely with internal business partners as a strategic partner to identify and prioritize business needs and assess and communicate risk.
• Consistently demonstrates an understanding of, and motivation to, achieve business goals in a legally defensible manner.
• Ability to produce clear, concise, and persuasive work product and ability to utilize persuasive advising skills.
• Provides clear, concise, and practical legal guidance that enables informed decision‑making.
• Thrives in a fast‑paced environment and responds effectively to evolving legal and business priorities.
• Utilizes creative problem-solving techniques to address new circumstances and presents solutions.
• Demonstrated willingness to learn new skills and accept feedback.
• Seeks continuous improvement in privacy practices, processes, and legal support.
• Thinks innovatively, brings ideas to life, and approaches business challenges from a broad corporate perspective.
• Anticipates and removes barriers to accomplish business objectives.
• Constantly pursues exceptional results that take us “next level.”

Nice To Haves

• CIPP/US (preferred)
• Insurance/financial services experience highly preferred
• Experience working with and advising global capability centers. (preferred)

Responsibilities

• Advise business partners on privacy and data protection matters, including the collection, use, sharing, retention, and security of personal information.
• Conduct risk assessments related to privacy incidents and data security events and recommend remediation and notification actions.
• Provide legal guidance on new technologies, products, and processes that impact company data, with a focus on risk mitigation and compliance.
• Draft, review, and negotiate privacy‑related provisions in commercial contracts and vendor agreements.
• Monitor, research, and advise on legal and regulatory developments affecting privacy and data protection, particularly in the insurance and financial services sectors.
• Partner with cross‑functional teams (including compliance, security, IT, and product) to develop and improve privacy workflows, policies, and processes.
• Support legislative and regulatory engagement efforts related to privacy in coordination with government relations and trade associations.
• Engage and manage outside counsel or alternative legal service providers to deliver high‑quality, cost‑effective legal services.

Benefits

• A rich benefits package including medical, dental, vision and a 401(k) plan with matching company contributions
• An annual incentive bonus plan
• Generous paid time off including 11 holidays, 2 wellness days, and 8 volunteer hours annually — PTO increases with tenure
• A supportive, responsive management approach and opportunities for career growth and advancement
• Paid parental leave and adoption/surrogacy assistance
• An employee giving program that double matches your donations to eligible nonprofits and schools