Significant post-qualification legal experience gathered in house or in private practice, with a minimum of 3 years of legal experience.
Exceptional expertise and experience in data privacy, cybersecurity, and artificial intelligence (“AI”) matters.
Demonstrated in-depth familiarity with international privacy, data protection and data management concepts, principles, operations, legislation and regulations, including those in Europe, U.S., and APAC.
3+ years of experience in software or technology industries (strong preference for experience in start-ups/fast growth environments).
Experience or familiarity with conducting privacy impact assessments on a range of operational projects, including emerging technologies.
Experience responding to access to information requests and experience investigating and responding to privacy incidents.
Experience negotiating Data Privacy Agreements (“DPAs”) and other privacy language in commercial contracts.
Industry recognized privacy certification, such as those from IAPP, like CIPM, CIPP/US, CIPP/E, AIGP, or similar certification.
Experience in an international environment.
Experience as an in-house lawyer within a corporate group.
Familiarity with technology and information systems is desirable to appropriately assess privacy risks in response to implementation of new technologies, programs and processes.
Responsibilities:
Provide advice and counsel on issues pertaining to artificial intelligence (“AI”), data privacy, and cyber security, ensuring adherence to global regulatory mandates.
Act as a subject matter expert on privacy laws affecting cloud technologies.
Support the development, review, and implementation of the privacy program including raising awareness, training, monitoring, and enforcement of such practice.
Manage, create, and refresh Company policies pertaining to AI, data privacy, and cybersecurity.
Ensure the Company remains current with key regulatory changes affecting the business by, for example, conducting legal research and providing updates on applicable laws and regulations.
Coordinate and formulate responses to internal and external inquiries, information access requests, audits, investigations, disputes, and complaints (e.g., administrative, litigation, regulatory), insofar as they relate to AI, data privacy, and cybersecurity (e.g., data breaches, incidents).
Ensure the completion of Privacy Impact Assessments and Data Protection Impact Assessments within the pre-defined framework.
Engage with internal stakeholders to implement best practices and governance models.
Support product development and the Company’s go-to-market strategy by integrating privacy-by-design principles.