In-House Privacy Counsel

The position is described below. If you want to apply, click the Apply button at the top or bottom of this page. You'll be required to create an account or sign in to an existing one.

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary:

Regular

Language Fluency: English (Required)

Work Shift:

1st Shift (United States of America)

Please review the following job description:

The In-House Privacy Counsel will lead all aspects of data privacy and protection across the organization. This role will be responsible for providing strategic direction for the company’s privacy compliance program, including policy development, risk assessment, incident response, and training. The successful candidate will bring deep expertise in privacy law and cybersecurity regulations, and will collaborate closely with cross-functional teams to ensure compliance and mitigate risk.

KEY RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Provide strategic legal counsel on data privacy and protection matters across the organization.
• Lead and scale the company’s privacy compliance program, ensuring alignment with business objectives and regulatory requirements.
• Develop and implement comprehensive data privacy and security policies and procedures.
• Oversee the protection of data collected by the company and ensure compliance with applicable laws and regulations.
• Draft, review, and negotiate privacy and security contractual clauses and data protection agreements.
• Monitor and assess changes in privacy laws and regulations, including CCPA, GLBA, GDPR, HIPAA, NYDFS, and others.
• Conduct privacy risk assessments and manage incident response for data breaches and cybersecurity events.
• Deliver ongoing training and education to employees on data privacy and security best practices.
• Collaborate with cybersecurity, IT, HR, and other cross-functional teams to ensure cohesive privacy strategies.
• Support privacy-related aspects of M&A activity, including due diligence and integration planning.
• Maintain strong relationships with internal stakeholders and external counsel to manage privacy-related legal matters.

EDUCATION AND EXPERIENCE

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Juris Doctor (JD) from an ABA-accredited law school (Required)
• Licensed to practice law in any U.S. state (Required)
• 7 years of sophisticated data privacy and security experience, preferably with an Am Law 200 or boutique law firm and/or in-house legal department
• Experience assessing data privacy compliance and developing comprehensive data privacy and security policies
• Experience addressing data breach or incidents and providing strategic advice and training on data security issues
• Insurance industry, CFIUS, and/or sanctions experience a plus

CERTIFICATIONS, LICENSES, REGISTRATIONS

• Active law license in good standing (Required)

FUNCTIONAL SKILLS

• Strong legal research and analytical skills
• Outstanding written and verbal communication skills
• Ability to build trusted partnerships with cross-functional teams including cybersecurity, IT, and HR
• Proven ability to manage multiple priorities in a fast-paced environment
• High level of discretion and professionalism
• Ability to work independently and collaboratively across teams
• Strategic mindset with a practical, solution-oriented approach
• Experience managing outside counsel and privacy-related legal matters
• Familiarity with privacy training and policy development

General Description of Available Benefits for Eligible Employees of CRC Group: At CRC Group, we're committed to supporting every aspect of teammates' well-being – physical, emotional, financial, social, and professional. Our best-in-class benefits program is designed to care for the whole you, offering a wide range of coverage and support. Eligible full-time teammates enjoy access to medical, dental, vision, life, disability, and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match. CRC Group also offers generous paid time off programs, including company holidays, vacation and sick days, new parent leave, and more. Eligible positions may also qualify for restricted stock units and/or a deferred compensation plan.

CRC Group supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. CRC Group is a Drug Free Workplace.

EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify