Privacy Officer

Our client, a top international law firm, is seeking a Privacy Officer to join their Privacy Team. In this role, the Privacy Officer will be responsible for managing and overseeing compliance for all Privacy, Data Protection and Data Governance processes for the Firm. Ideal candidate will have experience managing data privacy programs as well as experience with U.S. EU and UK data privacy regulations. J.D. preferred but not required. At least one privacy certification such as CIPP, CIPM, CDPSE required.

Duties and Responsibilities:

  • Responsible for management of the data privacy program
  • Manages and oversees compliance of all Privacy, Data Protection and Data Governance processes
  • Responsible for evaluation of the risk associated with potential personal data loss due to unintended disclosure
  • Oversee the “privacy by design” and data protection activities related to internal operations and client engagements
  • Identify need for and help co-author any necessary privacy policy, process, and standards
  • Review privacy terms for client and third-party agreements; align operational compliance
  • Implement procedures to ensure that third parties engaged are compliant with the privacy standards
  • Conduct Data Privacy Impact Assessments (DPIA’s) on high-risk new systems, applications, workflows and third-party engagements, as appropriate
  • Develop recommended action plans as a result of DPIAs where necessary and appropriate
  • Respond to Data Subject Access Requests (DSAR’s) and coordinate their resolution
  • Prepare and maintain a high-level “enterprise personal data map” which includes company and third-party managed personal information
  • Define information and privacy data management framework, policy, procedures, and work instructions in partnership with lawyers, IT, practice support, and administrative departments
  • Plan and execute periodic privacy data audits to evaluate the health of prioritized enterprise data and facilitate remediation of personal data issues and defects
  • Ensure continued compliance with ISO27701 privacy certification
  • Educate employees about the data privacy compliance responsibilities and obligations by designing and implementing training plans, to include information on the processing and controlling of data
  • Track and monitor updates and developments to applicable data privacy laws and regulations and make program and training changes and recommendations accordingly
  • Act as primary point of contact for members of staff and lawyers on data privacy matters, and as point of contact for relevant data protection authorities
  • Work collaboratively with the CCO, CIO, CISO, and management on all data privacy issues
  • The Privacy Officer will be required to perform other duties as deemed necessary and assigned by the Chief Compliance Officer or Management

Qualifications:

  • Significant experience managing data privacy programs
  • Some experience with U.S. (e.g., HIPAA, CCPA), EU (GDPR), and UK (ICO) data privacy regulations
  • Experience with other regional privacy regulations such as POPIA, PIPA, PIPL, UAE Data Protection Law, etc. a plus
  • Experienced in matrix management across multiple functions
  • J.D. preferred
  • Bachelor’s degree required
  • At least one privacy certification such as CIPP, CIPM, CDPSE required
  • Vaccination Required

#LI-LS1
#LI-Hybrid

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Receive job alerts twice per week:

We use Sendinblue as our marketing platform. By Clicking below to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use