Corporate - Securities and Capital Markets Attorney / Data Privacy Attorney in San Antonio, TX

Profile

Associate General Counsel and Chief Privacy Official
The candidate will help the organization manage data use while maintaining compliance with privacy and data security laws, regulations, and contractual agreements. Manage the organization’s overall data privacy program, develop an approach to ensure transparent awareness for internal leaders and executives about company’s risk posture related to privacy and security. Collaborate with stakeholders across all business sectors (national security, civilian, corporate) in the review of projects and related data to ensure data protection and privacy compliance and oversight of periodic information privacy risk assessment/analysis, mitigation and remediation efforts. Design and execute a plan to help pursue and attain GDPR compliance. Design and execute a plan to attain data and privacy compliance in areas where the organization plans to do work. Provide expertise on privacy and data security topics, including: the evolving landscape of applicable federal and state privacy laws, and accepted and best practices, the use of Personally Identifiable Information (PII) and Protected Health Information (PHI), managing the related risks of 3rd party outsourcing, and technology topics related to employee privacy and ethics in the workplace. Help instill and maintain a cultural focus on continuous improvement regarding privacy and data protection, including: oversight of ongoing privacy training for the workforce, refining and communicating policies and guidance on the privacy implications of company activities, programs, and initiatives, managing privacy-related inquiries in the organization, and administering a process for investigating privacy complaints. Collaborate with the information technology and infosec organization to ensure privacy-related technology and controls are defined and addressed, and to implement an ongoing process to track, investigate and report inappropriate access and/or disclosure of personal information. Monitor, track, and report on overall privacy and data protection program progress; streamline and improve processes as needed. Prepare and negotiate commercial, partnership and teaming agreements on a range of corporate topics. Identify, track, mitigate, and resolve risk issues. Exercise independent judgment and discretion in solving complex legal- and business-related issues.

Qualification and Experience

The candidate should have a Juris Doctor degree required and licensed to practice law in at least one jurisdiction. Bachelor’s or Master’s degree in related field (or equivalent in combined education and experience), and/or privacy certifications preferred. Practicing attorney with 15+ years of related experience, including significant experience with data security and privacy. Significant experience drafting and negotiating commercial transactions and other legal agreements. Strong knowledge of GDPR, CCPA, Privacy Act, FOIA and the e-Government Act and other major privacy frameworks, security laws, rules, and regulations worldwide, plus awareness of the related policy landscape. Experience with incorporating state and federal information privacy laws, including HIPAA, into corporate programs. Experience with privacy-related technologies and emerging technologies which may impact privacy. Strong risk management orientation, ability to effectively steer the organization toward compliance while driving mission and business impact. Knowledge of or experience with FFRDCs, research nonprofits, or government contractors preferred. Experience in InfoSec/cybersecurity and corporate privacy programs preferred. Management experience preferred.

Company info

Apply Now