A law firm in Washington, . is seeking an experienced Data Privacy Attorney to ensure compliance with data privacy laws globally, including in the United States, European Union, Asia, and the Middle East. The successful candidate will collaborate with various departments, including the Office of the General Counsel, Security & Risk Management, and Audit & Advisory, to manage and safeguard personal data. They will also work closely with the Global Data Privacy Office (GDPO) and other internal stakeholders to navigate privacy risks and regulatory requirements, and to support the firm’s data privacy initiatives.
Key Duties and Responsibilities:
- Collaborate with the Office of the General Counsel, Security & Risk Management, and Audit & Advisory departments to ensure compliance with data privacy laws in various jurisdictions.
- Review, draft, and negotiate vendor contracts and commercial relationships involving the transfer of personal data, working with the Procurement function and Security Review Team.
- Work with the GDPO and internal stakeholders to assess proposed projects involving personal data, advising on privacy risks and compliance with local data privacy laws.
- Conduct privacy impact assessments where necessary and respond to requests from individuals exercising their rights under applicable data privacy laws in the UK, EU, and the US.
- Implement measures to demonstrate compliance with data privacy laws, including managing and updating records of processing activities, data mapping, and vendor management reviews.
- Review and update transparency notices, privacy policies, and procedures globally; assist with data privacy audits of the firm’s offices worldwide.
- Maintain the firm’s Binding Corporate Rules, supporting their ongoing review and management across the firm.
- Demonstrate well-developed interpersonal skills, effectively interacting with all organizational levels.
- Utilize strong project management and organizational skills to handle multiple deadlines, prioritize tasks, and anticipate obstacles.
- Drive improvements to the firm’s compliance posture through proactive initiatives.
Requirements:
- 5+ years of relevant experience in data privacy law.
- Juris Doctor (JD) or equivalent degree from an accredited law school.
- Experience advising on European Union data privacy law is highly preferred.
- Active Bar admission and good standing.
Education and Certifications:
- Juris Doctor (JD) or equivalent degree from an accredited law school.
- Active Bar admission and good standing.
- Certifications in data privacy or information governance (., CIPP/US, CIPP/E) are a plus.
Skills:
- Deep understanding of global data privacy laws and regulations.
- Proven ability to review and negotiate complex contracts involving personal data.
- Strong analytical, organizational, and project management skills.
- Excellent written and verbal communication abilities.
- Ability to interact effectively with internal and external stakeholders at all levels.
- Initiative in driving compliance and improving data privacy practices.
Benefits Offered:
- Comprehensive healthcare, life, and disability insurance.
- Generous 401(k) plan.
- At least 11 paid holidays per year, and a PTO program that accrues 23 days during the first year of employment and grows with tenure.
- Well-being programs, including mental health services, mindfulness, resiliency, and medical resources.
- Professional development programs.
- Employee discounts.