Privacy Attorney

**Job Details**

**What you will do**

You will be responsible for supporting Global Privacy Office on range of activities including privacy clause review, privacy impact assessment, data mapping, regulation research, etc.

**How you will do it**
- Support Global Privacy Office on creating and implementation of global privacy requirements.
- Guide the business on complex privacy and data issues as well how privacy interacts and impacts emerging technologies and develop creative solutions while ensuring compliance with global privacy regulations
- Analyze products, policies and initiatives to provide practical privacy risk mitigation strategies for products across multiple jurisdictions
- Provide oversight and expertise on a full range of domestic and international data protection and privacy regulations, compliance operations, trainings, and privacy incidents.
- Work cross-functionally with leaders to translate legal and policy requirements to enable the business to position privacy as a competitive advantage driving business growth and customer loyalty.
- Support the existing Global Privacy Program, including responsibility for the development, implementation and periodic review of privacy policies and procedures
- Review, redline, and negotiate changes on privacy term provisions under various contracts such as procurement contracts, sales contracts, etc.
- Collaborate with product and business teams at all stages of product development to identify any potential privacy risk and provide counseling on risk mitigation by conducting privacy impact assessments
- Support JCI customer due diligence on JCI privacy practices by addressing customer questionnaires
- Work with Global Privacy Office and business for creating and validating data privacy sheets for products and services
- Research and Monitor developments in privacy and data protection impacts to Johnson Controls (e.g., new laws, regulations, important judgements, regulatory guidance, etc.).
- Provide full-service support to the wider legal team on global data privacy and regulatory matters and liaise with regulators.
- Provide policy, legal, product, engineering, and other business teams with legal advice on global data protection laws and regulations for external communications, policy development, and enforcement decisions.

**What we look for**

**Required**
- They must have a law degree with a minimum of 6-8 years of relevant experience including at least 4 years of in-house and/or law firm expertise ideally supporting complex data privacy matters within B2B and/or B2C environments.
- Ability to influence without authority and to work within a matrixed legal team is a key attribute.
- Ability to develop and sustain relationships with management at all levels across geographies, and demonstrate customer management skills is required.
- Good understanding of GDPR, North American privacy laws, such as HIPAA, Federal Trade Commission (“FTC”) requirements and guidelines, the California Consumer Protection Act (“CCPA”), the Canadian - Personal Information Protection and Electronic Documents Act (“PIPEDA”), and others.

**Preferred