Legal Counsel - Data Privacy

We are seeking a highly motivated and detail-oriented Data Privacy Professional to join our team. The ideal candidate will have 7-10 years of experience in reviewing Data Processing Agreements (DPAs), Standard Contractual Clauses (SCCs) for the EU and UK, and hands-on experience with the implementation of the General Data Protection Regulation (GDPR), Iso 27701, DPDPA, CCPA. The candidate should possess a legal academic qualification combined with a strong understanding of technical and security controls, ensuring a balanced approach to legal compliance and data protection practices. Key Responsibilities: 1. Contractual Review and Negotiation: Review and negotiate Data Processing Agreements (DPAs), EU Standard Contractual Clauses (SCCs), and UK SCCs to ensure compliance with data protection laws and organizational standards. Collaborate with internal stakeholders to address contract-related data privacy risks and concerns. 2. GDPR Implementation: Lead or support the implementation of GDPR-compliant processes and frameworks across the organization. Conduct gap analyses and recommend necessary actions for alignment with GDPR and other applicable data protection regulations. 3. Legal Advisory: Provide expert advice on privacy-related legal matters, including cross-border data transfers and regulatory requirements. Monitor and interpret changes in global data protection laws and their potential impact on the business. 4. Technical and Security Controls: Work closely with IT and security teams to ensure appropriate technical and organizational measures are in place to protect personal data. Provide recommendations on privacy-enhancing technologies and secure data handling practices. 5. Training and Awareness: Conduct training sessions for employees and stakeholders on data protection principles, regulatory updates, and best practices. Promote a culture of privacy within the organization. 6. Privacy Impact Assessments: Perform Data Protection Impact Assessments (DPIAs) for new projects, systems, and processes involving personal data. Identify and mitigate risks associated with data processing activities. Qualifications and Skills: Bachelors or Master’s degree in Law Experience in data privacy, with a focus on reviewing and negotiating DPAs, EU SCCs, and UK SCCs and other global related laws and regulation which has a bearing on Privacy. Strong knowledge of GDPR and its practical implementation in an organizational context. Solid understanding of technical and security controls related to data protection. Certifications such as CIPP/E, CIPM, or CIPT are mandatory. Excellent communication, analytical, and problem-solving skills. Ability to work collaboratively across departments and with external partners. Preferred Attributes: Experience with privacy management tools and technologies (e.g., OneTrust, TrustArc). Familiarity with other global data protection laws, such as the PDPA or PIPL. Proactive, detail-oriented, and capable of handling multiple projects simultaneously.