Associate General Counsel, Privacy & Cybersecurity

Summary

Join Brightspeed as an Assistant General Counsel, Privacy & Cybersecurity and become a key member of our growing team. Working closely with the Chief Privacy Officer, you will manage and maintain a top-tier privacy program. You will serve as a privacy and strategic thought leader, providing legal advice and mitigating legal risks. This role requires extensive experience in privacy law, data governance, and cybersecurity. You will interact with internal and external stakeholders and lead the Privacy Office's response to data access requests. Brightspeed offers competitive compensation and comprehensive benefits, including medical, dental, vision, and life insurance, a 401k plan, and more.

Requirements

• A law degree from an accredited law school
• Actively licensed with a state bar and in good standing
• Extensive experience assessing and mitigating legal risks associated with privacy and data governance, cybersecurity, data and digital transactions
• In-depth knowledge of key US federal and state privacy laws, and working knowledge of laws such as the Health Information Portability and Accountability Act (HIPAA), Customer Proprietary Network Information (CPNI) regulations, Payment Card Information (PCI) rules and regulations, CCPA, CPRA, and the Children's Online Privacy Protection Act (COPPA)

Responsibilities

• Serve as a subject matter expert on all aspects of privacy, data protection, cybersecurity, national security, data use and access, data management and governance and technology matters, advise on complex legal issues related to AI and use of emergent technologies
• Serve as a trusted legal advisor to the business and provide sound legal advice on the application of federal and state privacy laws and regulations to business operations
• Monitor the complex and evolving landscape of law and regulation to stay apprised of important developments and proactively identify and mitigate areas of privacy or compliance risk, provide clear, concise, and actionable legal guidance, and communicate clearly and succinctly to lawyers and non-lawyers, changes to or developments in privacy and data protection laws and regulations and their impact on business operations
• Interact with internal and external stakeholders in the telecommunications and other industries, and also with federal and state agencies
• Help define and prioritize strategic projects for the Privacy team
• Oversee the Privacy Office’s incident response strategy, support the incident response team and program, advise on breach determination and notification requirements and processes under applicable federal and state laws
• Lead the Privacy Office’s response to external data access requests such as requests from law enforcement
• Interpret and apply privacy and data protection law and contractual requirements to a wide variety of business initiatives and transactions, negotiate data privacy, data protection and data use agreements, develop and implement policies, procedures, and related training

Preferred Qualifications

• Privacy and cybersecurity certifications (e.g., CIPP/US, CIPM, etc.)
• Experience with digital marketing and advertising rules and regulations, state consumer protection statutes, CAN-SPAM, Telephone Consumer Protection Act (TCPA), Telemarketing Sales Rules (TSR), and FTC marketing guidelines
• Experience in the telecommunications industry or similar critical infrastructure sector

Benefits

• Competitive medical, dental, vision, and life insurance
• An employee assistance program
• A 401K plan with company match
• A host of voluntary benefits