Corporate Counsel - Privacy, Cybersecurity & AI

Key Accountabilities

• Acts as attorney for the Privacy Office, cybersecurity, incident management and AI legal functions globally. Supports the Chief Privacy Officer in oversight of the Rackspace privacy function. 
• Maintains Privacy Office records and action plans, measures Privacy Office KPIs, and provides regular privacy reports to the Chief Privacy Officer and operational groups.    
• Tracks existing and proposed privacy, cybersecurity and AI legislation related to operations of the company, updates the privacy program directly, and advises affected stakeholders accordingly.  
• Maintains all privacy-related policies, procedures, notices (and records of consent), external public collateral, and Privacy Office playbooks and provides advice and support to business on compliance. 
• Consults with the Chief Information Security Officer, Chief Information Officer, Law Enforcement, Incident Management & AI teams on interdependent policies, procedures, and external collateral. 
• Maintains entity, data protection officer, local representative and cybersecurity registrations, and documentation required by law. 
• Maintains data mapping, records of processing activity, legitimate interest and impact and transfer assessments, and transfer agreements. 
• Advises the Marketing organization on privacy matters including data collection and processing procedures, cookies and tracking technologies, and privacy-related advertising. 
• Advises the Supply Chain and Security organizations on third party management and due diligence, and maintains processor and subprocessor records and notices required by law. 
• Supports Supply Chain and Product counsel in the drafting of appropriate template privacy and cybersecurity transactional terms, playbook direction for negotiation, and process for approvals. 
• Advises the Chief Information Security Officer and Chief Information Officer on privacy related security and records management privacy requirements and controls; and advises the Chief Information Security Officer on cybersecurity obligations and compliance. 
• Advises the President AI, Chief Information Security Officer and related teams on AI governance and compliance. 
• Assists the Chief Privacy Officer and Incident Management teams in incident response, conducts privileged incident investigations, conducts assessment and notification of potential data & cybersecurity breaches, conducts legal analysis of incident trends, maintains records of breaches and near misses, assists in recovery and remediation. 
• Coordinates and ensures timely fulfillment of data subject requests including data discovery, and maintenance of request logs and records.  
• Conducts internal privacy audits and checks, coordinates external privacy audits, completes third-party privacy certifications, and supports security audits and certifications. 
• Handles pre-litigation privacy or cybersecurity complaints, claims, and regulatory investigations; and acts as liaison with supervisory authorities. 
• Manages privacy tooling including OneTrust, TrustArc, and data discovery tooling and works with internal systems staff to integrate tooling as required. 
• Provides onboarding and annual training for employees, and proactive privacy training and enablement to client business functions to manage legal workloads, mitigate legal risk and enable business activities. 
• Provides supervision and training to more junior supporting team members, and works collaboratively across legal and business functions.  
• Collates available privacy training and updating materials for other legal teams, and encourages the development of privacy competence and expertise across the global legal department. Is an engaged member of the global legal department, supporting cross-departmental initiatives and activities. 
• Advises global senior executives and other internal clients, providing applied legal advice and working with clients to navigate available options. 
• There are opportunities to become involved in other legal assignments and projects as they may arise.

Key Skills

• Ability to balance accuracy and thoroughness, with a pragmatic commercial approach showing excellent commercial and strategic judgment.  
• Excellent communication skills, and a patient and calm approach with clients and legal team members. 
• Ability to build strong relationships with internal clients and legal stakeholders, act as a trusted partner and business enabler, with a willingness to challenge when required. 
• Ability to problem solve with business clients to reach solutions and results, in novel situations.  
• Excellent time management and organizational skills, with ability to context shift and handle a varied workload.  

Qualifications

• JD degree or local equivalent, with strong academic background. 
• Active bar admission as appropriate to the role. 
• CIPP/E, CIPP/US, CIPM, CIPT & AIGP preferred (with certified cybersecurity expertise as bonus). 
• No less than 3 years of relevant legal experience as a qualified privacy and cybersecurity counsel. 
• Experience with large-scale data processing and in the technology sector (previous in-house experience in a global technology company is a bonus). 
• Advanced knowledge of applicable laws – including data privacy law, cybersecurity law, AI law, and contract law (multi-jurisdictional knowledge of legal issues in these areas is a bonus). 
• Advanced knowledge of privacy management tooling (including OneTrust and TrustArc, data discovery tooling, and Archer) and privacy engineering, preferred.