Data Privacy - Transactional Attorney in San Antonio, TX

In-House

San Antonio, TX

Data Privacy - Transactional Attorney in San Antonio, TX

Attorney

Min 3 yrs required

No

Job Title: Corporate Counsel - Privacy, Cybersecurity & AI

Job Responsibilities:
- Acts as an attorney for the Privacy Office, cybersecurity, incident management, and AI legal functions globally, supporting the Chief Privacy Officer in overseeing the privacy function.
- Maintains Privacy Office records and action plans, measures Privacy Office KPIs, and provides regular privacy reports to the Chief Privacy Officer and operational groups.
- Tracks existing and proposed privacy, cybersecurity, and AI legislation related to the company's operations, updates the privacy program accordingly, and advises affected stakeholders.
- Maintains all privacy-related policies, procedures, notices, external public collateral, and Privacy Office playbooks, providing advice and support to the business on compliance.
- Consults with the Chief Information Security Officer, Chief Information Officer, Law Enforcement, Incident Management & AI teams on interdependent policies, procedures, and external collateral.
- Maintains entity, data protection officer, local representative, and cybersecurity registrations, and documentation required by law.
- Maintains data mapping, records of processing activity, legitimate interest and impact and transfer assessments, and transfer agreements.
- Advises the Marketing organization on privacy matters including data collection and processing procedures, cookies and tracking technologies, and privacy-related advertising.
- Advises the Supply Chain and Security organizations on third-party management and due diligence, maintaining processor and subprocessor records and notices required by law.
- Supports Supply Chain and Product counsel in drafting appropriate template privacy and cybersecurity transactional terms, playbook direction for negotiation, and process for approvals.
- Advises the Chief Information Security Officer and Chief Information Officer on privacy-related security and records management privacy requirements and controls; advises on cybersecurity obligations and compliance.
- Advises the President AI, Chief Information Security Officer, and related teams on AI governance and compliance.
- Assists the Chief Privacy Officer and Incident Management teams in incident response, conducts privileged incident investigations, assessment and notification of potential data & cybersecurity breaches, legal analysis of incident trends, and maintains records of breaches and near misses.
- Coordinates and ensures timely fulfillment of data subject requests including data discovery, and maintenance of request logs and records.
- Conducts internal privacy audits and checks, coordinates external privacy audits, completes third-party privacy certifications, and supports security audits and certifications.
- Handles pre-litigation privacy or cybersecurity complaints, claims, and regulatory investigations; acts as liaison with supervisory authorities.
- Manages privacy tooling including OneTrust, TrustArc, and data discovery tooling, integrating these tools with internal systems as required.
- Provides onboarding and annual training for employees, and proactive privacy training and enablement to client business functions to manage legal workloads, mitigate legal risk, and enable business activities.
- Provides supervision and training to more junior supporting team members and works collaboratively across legal and business functions.
- Collates available privacy training and updating materials for other legal teams, encouraging the development of privacy competence and expertise across the global legal department.
- Advises global senior executives and other internal clients, providing applied legal advice and working with clients to navigate available options.
- Opportunities to engage in other legal assignments and projects as they arise.

Education and Experience Information:
- JD degree or local equivalent, with a strong academic background.
- Active bar admission as appropriate to the role.
- CIPP/E, CIPP/US, CIPM, CIPT & AIGP preferred (certified cybersecurity expertise is a bonus).
- No less than 3 years of relevant legal experience as a qualified privacy and cybersecurity counsel.
- Experience with large-scale data processing and in the technology sector (previous in-house experience in a global technology company is a bonus).
- Advanced knowledge of applicable laws, including data privacy law, cybersecurity law, AI law, and contract law (multi-jurisdictional knowledge is a bonus).
- Advanced knowledge of privacy management tooling (including OneTrust, TrustArc, data discovery tooling, and Archer) and privacy engineering preferred.

Salary Information:
The text does not provide specific salary information.