Senior Legal Counsel, Data Protection

Summary

Join BeyondTrust as a Senior Legal Counsel, Data Protection and become a key member of the legal team, collaborating closely with the DPO and other teams. You will play a crucial role in identifying and managing legal and commercial risks related to data processing. This position blends transactional and privacy management duties, demanding strong analytical, communication, and interpersonal skills. You will possess in-house experience in a global commercial setting, a deep understanding of cloud/SaaS agreements, and the ability to negotiate contracts effectively. Your responsibilities will encompass drafting and negotiating DPAs, supporting data privacy assessments, implementing global data privacy programs, and acting as a subject matter expert on data protection matters. BeyondTrust offers a culture of flexibility, trust, and continual learning.

Requirements

• Qualified solicitor or barrister with a valid practicing certificate
• Commercially focused with solid knowledge of regulatory requirements and commercial contracts
• At least 5 years post-qualification data privacy law experience within a fast-paced global commercial environment with experience of working on cloud/SaaS agreements and privacy management systems (technology sector an advantage)
• Experience of privacy management programs and cross-border transfers is also required
• Well organized, detail oriented with a positive attitude and ability to work under pressure to prioritise and meet competing deadlines
• Strong relationship-building skills and excellent interpersonal, influencing and communication skills, both oral and written
• Ability to translate complex legal issues to a wide range of colleagues
• Excellent analytical, judgement and decision-making skills
• Team player with excellent negotiation, writing and communication skills
• Self-starter with a sense of humour

Responsibilities

• Drafting and negotiating data processing agreements (DPAs), both customer and vendor facing, as part of wider commercial contract negotiations
• Providing support in relation to data privacy impact assessments, transfer impact assessments and data subject requests
• Supporting the DPO in the implementation and execution of global data privacy programs, including the provision of training to the organisation, data mapping and updating contracts templates and policies
• Providing support on data privacy matters involving employee and non-employee related queries and projects
• Completing and addressing questionnaires and privacy queries from customers
• Supporting the Security Risk Management (SRM) team in the performance of internal and external audits, providing evidence and addressing auditors’ queries regarding privacy and data protection
• Completing privacy portions of questionnaires as part of the Request for Proposal (RFP) and Request for Information (RFI) process
• Managing the process to keep up to date privacy policies and notices, both internal and external facing
• Internal counseling to ensure the principles of privacy by design and by default are integral in the product development process
• Acting as subject matter expert (SME) for matters related to privacy and data protection within the organization, addressing queries and providing guidance to other internal departments
• Providing support in relation to the privacy due diligence process for vendors and working with other internal teams such as Procurement, IT and Security as part of the procurement process
• Staying up to date with global upcoming privacy laws and regulations and translating the same within the organisation’s privacy program

Preferred Qualifications

• CIPP/E, CIPP/US or CIPM qualification a bonus
• Experience of advising on US privacy issues in addition to UK/EU is preferred