Job Details

Director of Data Privacy (LAW FIRM)

New York, NY, United States
  • Employment Type: Direct Hire

Our client is seeking a Director of Data Privacy for their New York office. The Director will be responsible for ensuring that the Firm is compliant with all applicable data protection laws and regulations in the jurisdictions throughout the world in which the Firm operates, with a particular emphasis initially on the EU General Data Protection Regulation (GDPR). The Director will lead the existing GDPR project management team to strategically plan and direct privacy programs and training. Experience working in a senior data privacy role, preferably within a professional services environment, is required, as is significant experience managing multiple senior stakeholders. Expert knowledge of Data Protection legislation, in particular the GDPR, is also a must and additional recognized privacy qualifications are preferred (e.g., CIPP). Send resumes to [email protected]

Responsibilities include but are not limited to:

  • Informs, advises on and monitors compliance with data protection laws
  • Develops and updates privacy policies and procedures
  • Implements training and awareness programs and materials for all personnel in the field of data privacy
  • Assists Firm Management with the developing and embedding of appropriate firmwide data privacy culture
  • Acts as a point of contact for Firm personnel in respect of queries relating to Firm policy as regards data privacy
  • Serves as the Firm’s contact person for regulators relating to data protection (or support local contact personnel) and lead the Firm’s response to any breach notification, regulatory investigation or request for information, including but not limited to subject
  • Accesses Requests, the “Right to be Forgotten” and audit information or access requests
  • Supports the Firm’s data incident response teams
  • Works In conjunction with the Director of Internal Audit, monitors adherence to all data protection policies and undertakes or coordinates regular reviews to ensure that data is protected, controls are in place and working and privacy notices remain up to date
  • Works with the Director of Procurement and Operations to ensure firmwide procurement processes meet appropriate data privacy standards and assist in the development of a review and compliance program for vendor management and ongoing assessment
  • Works alongside the Business Development team, advises on data privacy law and regulation applicable to marketing and devise and implement appropriate strategies and policies in this regard
  • Develops new privacy strategies and initiatives, and provides necessary guidance and program adjustments
  • Provides periodic reports and updates to Firm Management on privacy risk topics and status of Firm privacy programs
  • Maintains relationships with key internal stakeholders (e.g., Information Technology, Information Governance, Internal Audit, Office of General Counsel, and Procurement)
  • The Director will report to the Chief Professional Resources Officer.

Qualifications:

  • Excellent academics
  • Experience working in a senior data privacy role, preferably within a professional services environment; significant experience managing multiple senior stakeholders
  • Expert knowledge of Data Protection legislation, in particular the GDPR
  • Additional recognized privacy qualifications preferred (e.g., CIPP)
  • Excellent communication skills (both written and oral)
  • Willingness to travel internationally as needed
     

Interested in this job? Get in touch.

(Accepted file formats are PDF, DOC, DOCX, TXT, RTF and ZIP. File size maximum is 2 MB.)