Deputy Chief Privacy Officer

A&O Shearman

  • Belfast
  • Permanent
  • Full-time
  • 5 days ago
Job descriptionWe have an exciting opportunity for you to join our growing Data Privacy Team based in the A&O Shearman Belfast office.The role will support the CPO in creating and maintaining a strong, technically capable and versatile function that enables colleagues to deliver world class legal, technology and AI services to our clients and will forge strong collaborative relationships with functional leads. The Deputy Chief Privacy Officer will allow the CPO to confidently focus on the wider strategic goals of the business and department after its globally significant merger.What you will do
  • To support the CPO in the delivery of data privacy strategy to ensure the firm for the global firm and compliance with legal and regulatory obligations across its network (30+ countries), ensuring alignment to the firm's risk appetite, client expectations and legal and regulatory changes and attitudes
  • Mange and provide day to day leadership and advice on data incident response globally, ensuring appropriate action is taken to minimize the risks associated with actual or potential exfiltration of data, including forensic document review, legal and regulatory reporting, client and individual notifications and reputation management.
  • Act as a trusted adviser to partners, functional heads and others on data incident management, response and remediation worldwide
  • To support the CPO and CISO in the formulation and delivery of the firm's cyber and incident response strategy and response framework
  • Ensure data security risks are appropriately identified, mitigated and managed to ensure operational resilience, including tracking and legal and regulatory developments globally and adapting the firm's policies and compliance frameworks accordingly
  • Lead and deliver strategic projects across the firm, ensuring compliance with legal and regulatory obligations, enhancing data governance and driving the firm's security and data strategies
  • Establish, maintain and develop relationships with strategic external partners to enable delivery against the CPO's strategic objectives
  • To lead on data protection regulatory reporting globally, developing and maintaining systems and processes designed to meet regulatory reporting obligations, working closely with partners, clients, subject matter experts inside and outside the business to ensure the firm meets legal and regulatory obligations to clients, regulators, individuals and other third parties
  • To ensure the safeguarding of individuals' privacy and security with a compassionate and empathetic approach, addressing their concerns and needs with sensitivity
  • To develop, maintain and report to senior management and other key stakeholders on regulatory data breach records to ensure the firm meets its legal obligations and to inform decision-making and strategy development in the firm
  • Provide expert advice to Client Audit and Engagement Terms teams in connection with data incident response and reporting
  • Lead thorough and independent investigations into data privacy and security issues, including in response to compliance breaches and complaints, ensuring the highest levels of accountability
  • To provide expert legal advice on the compliant handling of data throughout its lifecycle, including ingestion/creation, internal and external transfer/sharing, data retention, archiving and disposal
  • To support the CPO in the provision of advice to ensure the development of future technology meets all legal, regulatory and ethical standards
  • Leverage advanced technology solutions to meet the responsibilities of the team and this role, ensuring compliance with evolving regulatory standards and industry best practices
  • Build strong working relationships with technical, security and risk teams to work effectively together to ensure compliance with multi-disciplinary regulatory frameworks, including data privacy and legal regulation, and work with Client Audit and Engagement Terms teams to shape and comply with incident reporting and security requirements in a way that is positive for the firm and its clients
  • To design and champion data privacy and security training and awareness programmes and initiatives in order to drive cultural awareness and embed change across the global business
What you will have
  • England and Wales qualified lawyer with at least 8 years post qualification experience
  • Recognized data privacy qualification and/or a minimum of 5 years' experience providing data privacy advice in legal or professional services organisation or similar corporate
  • Expert knowledge of international privacy laws, regulations and industry best practice and experience of implementing privacy policies and practices in an international context
  • The ability to advise on strategies at a global level to manage and mitigate risks associated with data privacy and security
  • Detailed knowledge and experience of advising on international data transfers, data export restrictions and individual rights
  • Experience of adopting and using IT solutions to identify, manage and meet data privacy requirements and goals
  • Experience of coordinating and advising senior stakeholders on data incidents in a highly regulated global context
  • Knowledge and experience of advising on data privacy aspects of data, technology and cyber security issues
  • Ability to influence senior stakeholders and provide directive advice in a fast paced highly regulated environment
  • Proven experience in managing and providing leadership to lawyers and/or specialists
  • An ability to evaluate and prioritise efforts in keeping with the organisation's strategy and culture
  • A pro-active and highly collaborative mindset
  • Excellent attention to detail
  • A high degree of initiative and creative thinking, capable of developing original solutions to complex problems
  • Strong project management skills
  • Excellent communication skills
  • Proven good independent judgement
  • Excellent analytical skills and the ability to review and assimilate/report on large volumes of data in short timescales
  • Willingness to be available for incident and emergency handling outside of core office hours where required
  • Demonstrable commitment to high standards of ethics, regulatory compliance, client service and business integrity
What we can offer youWe recognize that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, online discounts and lifestyle management services.We recognise the value of flexible working and embrace hybrid working, allowing our people to work from home up to 40% of their working time. We do, however, remain committed to working together in person for the remaining 60% of time so that we can learn, grow and succeed together.Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.We are an equal opportunities recruiter and do not discriminate on the basis of race, color, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.If this role is not of interest we may have another suitable opportunity here for you at A&O Shearman! Visit our careers portal at and submit your CV to our to be notified when the perfect opportunity becomes available.Area of expertiseRisk Management & ComplianceOfficeUnited Kingdom - BelfastWorking arrangementHybrid (combination of office & remote working)

A&O Shearman