Assistant General Counsel for Privacy and Cybersecurity @ Moody's

Prestige & Privacy

Assistant General Counsel for Privacy and Cybersecurity @ Moody's

whistlercontact_locationNew York City or Charlotte, NC

You all know Moody's. They're the "global integrated risk assessment firm that empowers organizations to make better decisions...." and they're the ones who give states their credit ratings (congratulations, Connecticut on making it to Aa3!).

As their Assistant General Counsel for Privacy and Security, you'll have a high degree of autonomy as the lead for privacy in the Americas.

Along with maintaining current knowledge of applicable US and international privacy and cybersecurity laws and standards, monitor new developments to facilitate organizational adaptation and compliance. While designing and implementing a global privacy law compliance program, including processes for the completion of personal information inventories, privacy impact assessments, and data protection policies and procedures

Responsibilities:

  • Maintain current knowledge of applicable US and international privacy and cybersecurity laws and standards, and monitor new developments to facilitate organizational adaptation and compliance
  • Design and implement a global privacy law compliance program, including processes for the completion of personal information inventories, privacy impact assessments, and data protection policies and procedures
  • Create and retain a data record inventory of data processing activities of the company and any other privacy-related documentation required by the GDPR or similar laws or regulations
  • Coordinate with other members of the legal team, information security and business stakeholders to ensure existing and new products, services and processes comply with applicable privacy requirements
  • Oversee, direct and assist with delivery of privacy training to company employees
  • Support incident response team for incidents or breaches involving personal data
  • Act as privacy subject matter expert in the negotiation and implementation of contract terms concerning data privacy and protection, between the company and vendors, third-party contractors, suppliers, customers, and agencies
  • Liaise with privacy and cybersecurity professionals at peer companies and industry organizations to benchmark efforts and learn best practices

 

Qualifications:

  • Minimum of 10+ years of experience in a role focused on data privacy/protection compliance.
  • Deep working knowledge of current US privacy laws and cybersecurity laws, the General Data Protection Regulation, and industry standard contractual requirements and regulations pertaining to data privacy and security
  • Experience managing privacy programs from inception to operation, including privacy risk and compliance management, metrics tracking, privacy training development and deployment, and incident management
  • Strong technical understanding relating to IT environments, cloud computing and the online space (e.g., social media, cookies, mobile apps, big data analytics, etc.), with particular focus on how these technologies are used to communicate, collect, use and/or share personal data Strong project management skills with proficiency in managing multiple projects simultaneously
  • Law degree from well-respected university.
  • Certification in privacy and data protection (CIPP, CIPM or CIPT) is a plus
  • Prior experience in the financial services /business information provider industries or B2B industry is an advantage
  • Experience working in a multi-national corporation (in particular, headquartered in the U.S.) or experience working on projects involving stakeholders from multiple jurisdictions strongly preferred
  • Excellent leadership and communication skills, and desire to work as part of a global team in a fast paced environment

Apply Now