Company Overview: Our Client is a well-known Energy Company operating on the east coast. With a commitment to providing essential services to the community while embracing sustainability and innovation, they are dedicated to shaping the future of energy in the region. They are currently seeking a highly experienced Senior Privacy Attorney to join their legal team and lead their privacy and data protection initiatives.
Position Overview: As the Senior Privacy Attorney, you will be responsible for providing expert legal counsel and guidance on privacy and data protection matters to ensure compliance with applicable laws, regulations, and industry standards. Leveraging your extensive experience in privacy law, you will play a key role in developing and implementing strategies to protect sensitive information and uphold the privacy rights of our Client's customers and stakeholders.
Key Responsibilities:
- Privacy Compliance: Oversee and ensure compliance with relevant privacy laws and regulations, including but not limited to GDPR, CCPA, HIPAA, and other state and federal privacy laws.
- Policy Development: Develop, implement, and maintain comprehensive privacy policies, procedures, and guidelines to safeguard personal data and mitigate privacy risks across the organization.
- Data Governance: Collaborate with cross-functional teams to establish and maintain effective data governance frameworks, including data classification, data retention, and data breach response protocols.
- Privacy Impact Assessments: Conduct privacy impact assessments (PIAs) to evaluate the potential privacy risks associated with new projects, initiatives, and technologies, and recommend appropriate risk mitigation measures.
- Contract Review: Review and negotiate privacy-related provisions in contracts, vendor agreements, and third-party arrangements to ensure compliance with privacy requirements and protect the organization's interests.
- Training and Awareness: Develop and deliver privacy training programs and awareness campaigns to educate employees and stakeholders on privacy best practices, regulatory requirements, and emerging trends.
- Incident Response: Lead and coordinate responses to privacy incidents and data breaches, including investigations, notifications, remediation efforts, and communication with regulatory authorities and affected individuals.
- External Engagement: Monitor developments in privacy law and regulation, participate in industry forums and working groups, and engage with regulators, industry peers, and privacy advocacy organizations to stay informed and influence policy discussions.
Qualifications:
- Juris Doctor (JD) degree from an accredited law school.
- Admission to the New York State Bar or eligibility for admission.
- Minimum of 7-10 years of experience practicing law with a focus on privacy and data protection, preferably in a regulated industry or large organization.
- In-depth knowledge of privacy laws, regulations, and standards, including GDPR, CCPA, HIPAA, and other relevant frameworks.
- Proven track record in developing and implementing privacy programs, policies, and procedures.
- Experience conducting privacy impact assessments, managing data incidents, and interfacing with regulatory authorities.
- Strong analytical, problem-solving, and communication skills, with the ability to effectively communicate complex legal concepts to non-legal stakeholders.
- Ability to work collaboratively in a fast-paced environment, manage multiple priorities, and drive results.
- CIPP/E, CIPP/US, or other relevant privacy certifications are a plus.
Why Join: Joining our Client offers a unique opportunity to make a meaningful impact in a vital industry while advancing your career in a supportive and dynamic environment. As a Senior Privacy Attorney, you will have the opportunity to shape the organization's privacy strategy, influence decision-making, and contribute to their mission of delivering essential services to the community.