Data Privacy Attoreny Jobs

Company Description

Breakwater Solutions combines technology automation and human expertise to help mitigate risk and gain insight from sprawling information. Our expert consulting, software, and managed services address the challenges within information governance, disputes and investigations, regulatory compliance, privacy, and cybersecurity. We enable governance, legal, and risk professionals to locate, access, analyze, and manage information by making data transparent and actionable. Breakwater helps clients in public and private sectors mitigate risk, improve productivity, and increase profitability by transforming how they use data.

Role Description

This is a full-time remote role for a Data Privacy Attorney. The Data Privacy Attorney will be responsible for providing legal advice and strategies for clients to prevent data breaches and comply with federal and state data privacy laws. The Data Privacy Attorney will also provide guidance on privacy policies and procedures and represent clients in litigation related to data privacy issues.

This role will

- act like subject matter expert in data protection, privacy, and data governance laws and assist in building and maintaining a data privacy and governance compliance program that builds trust with customers and stakeholders.

- Advise on data privacy compliance as it relates to clients products and services and actively engage with global privacy champions program to direct and manage privacy operations in compliance with applicable laws.

- will be responsible for assessing privacy operations to determine regulatory risk and educating and advising clients employees on privacy, cybersecurity, and data governance legal compliance.

Responaibilities

Act as subject matter expert in data protection, privacy, and data governance laws for broader legal team who advise product and services teams on legal compliance for the company’s products and services.

• Advise the business on legal compliance with privacy, data protection, and data governance legal requirements.

• Advise on and maintain documentation of data protection impact assessments, privacy assessments, transfer impact assessments, cross border data flows, data subject requests, and privacy incidents across a global organization.

• Perform privacy assessments of new and existing products and services, tools and processes using risk-based prioritization and automation tools.

• Support M&A activities related to privacy, cybersecurity, and data governance obligations.

• Advise on data protection terms in both revenue and procurement related contracts.

• Review privacy- and cybersecurity law-related blogs and sales materials.

• Develop and deliver privacy training across the organization.

• Develop content addressing legal and regulatory requirements of interest to our customers, partners, and stakeholders for Trust Center publication (SIG, CAIQ-lite, HIPAA, FinServ, etc).

• Develop and maintain policies, processes, playbooks, trainings, and reference materials relating to privacy requirements to support sales and sales operations.

• Support our global privacy champions program.

• Act as DPO for Germany and other EEA countries, as may be required.

• Remain up to date on global data privacy regulations related to the organization and update the business accordingly.

Qualifications

The successful candidate’s profile shall ideally include:

• Law degree and 5-7 years post-qualifying experience in a combination of private practice and in-house counseling.

• Qualified to practice law in the U.S. or EEA and in good standing with the relevant qualifying authority.

• Expertise in global privacy laws, including frameworks and standards relied on by regulatory bodies.

• Expertise in global cybersecurity, data protection, and data governance laws.

• Experience in applying global privacy law to digital services.

• Keen business sense and ability to distill legal theory to pragmatic and risk-based action items.

• Highly analytical with strong attention to detail.

• Ability to communicate with intention both speaking and in writing.

• Ability to thrive in a high performance, fast-paced environment and to multitask, prioritize effectively and meet deadlines.

• Team-oriented, with a good sense of humor and high level of integrity, responsibility and professionalism, and the ability to build relationships and collaborate across functions.

• Commitment to diversity, inclusion, and belonging.

Candidates with the following skills and experience would be preferred:

• Familiarity with industry standards relating to information systems management and security controls, such as NIST Risk Management Framework, ISO 27001, NIST 800-53, and SOC 2.

• Experience in-house with an IT or technology company covering multiple jurisdictions, including at least the US and EEA.

• Knowledge and experience with enterprise cloud privacy risks.

• Understanding of legal risks in supply chains for software and cloud services.

• Familiarity with OneTrust Platform