PURPOSE OF THE ROLE
• We are seeking an experienced Senior Data Protection Lawyer to join our well-established Office of the General Counsel (OGC) team, leading the Firm's strategic approach to data protection compliance and ensuring we meet all regulatory obligations and client expectations.
• In this role, you will collaborate with stakeholders across the Firm, including the OGC and Onboarding teams, gaining exposure to high-level decision-making and business strategy. You will have the opportunity to work on complex, strategic matters that directly influence the Firm, our clients, and the continued growth and development of our business.THE TEAM
• The OGC team comprises over 35 lawyers and other team members. It acts as the internal legal function of the Firm, overseeing regulatory compliance in the jurisdictions in which the Firm operates and supporting the Firm in managing legal risk in the work it undertakes.
• The team has a number of sub-teams that handle claims and complaints, oversee negotiation of the Firm's professional indemnity and other insurances, ensure compliance across the firm with legal and regulatory requirements, manage conflicts, negotiate key supplier contracts for the Firm and terms that govern key client relationships and is involved in strategic activity including supporting the Firm's board.
• The Senior Data Protection Lawyer leads the Data Protection sub-team. The team is based in the UK but supports the Firm globally; therefore, this role also involves supporting the Firm's offices (present and future) outside of the UK. WHAT TO EXPECT IN THIS ROLE
Leadership
• Ensuring that potential data protection issues are identified and addressed with a robust plan to maintain the Firm's compliance.
• Ensuring that the team's policies, training, and legal advice are appropriate for, or adapted to suit, the whole AG group.
• Managing and developing the Data Protection team, including direct reports, to ensure the retention, growth, and full potential of talent within the team.
• Defining, communicating, and refining the vision for the Data Protection team, ensuring alignment with the OGC strategy to support the Firm achieve its strategic goals.
• Having strong visibility via consistent office presence due to leadership responsibility and management of others, particularly junior team members.
• Building strong relationships with key stakeholders across the Firm, including the Information Security, wider IT, Procurement, HR, and Finance teams as well as the practice groups.
Legal Advisory
• Providing clear, commercially focused legal advice to all areas of the Firm on data protection law, ensuring alignment with wider commercial and regulatory considerations.
• Shaping strategies to address upcoming issues, legislative and regulatory changes, market trends, and best practices.
• Developing and deliver training on data protection risk and compliance issues for all Groups and Business Services teams.
• Ensuring the data protection team deals promptly with key data protection advisory matters including:
• Responding to personal data and confidential information breaches (or suspected breaches) within any applicable mandatory timeframes.
• Responding to data subject rights request within any applicable mandatory timeframes.
• Supporting the Firm to obtain data subject consent to the regulatory standard wherever required.
• Ensuring that transparency information required under data protection law is drafted clearly and that processes are in place to enable this to be made available to data subjects at an appropriate time.
• Advising on whether proposed processing can be conducted and, if it can, providing clear advice on the measures that must be put in place to do so in accordance with data protection law.
• Advising on the transfers of personal data to other jurisdictions and ensuring that processes are in place to enable any additional safeguards to be implemented.
Compliance Oversight:
• The Senior Data Protection Lawyer drives the development and implementation of the Firm's data protection compliance strategy, systems, and frameworks, ensuring they are robust yet practical. This includes:
• Ensuring systems and processes are in place to incorporate data protection by design and by default into business operations.
• Running a robust data protection impact assessment process.
• Maintaining a record of processing for the Firm's operations.
• Striving for continuous improvement to the data protection compliance programme.
• They support the GC/COLP in managing data protection regulatory obligations, including reporting to the Information Commissioner's Office and other applicable regulators and supervisory bodies.
• They oversee the Data Protection team's support to (i) the Commercial & Regulatory team in OGC for client questionnaires and contracts reviews and (ii) the Firm's Procurement team.
• The Senior Data Protection Lawyer works closely with the Firm's Information Security team, whose work underpins the Firm's compliance with security aspects of data protection law.
Risk Management:
• The Senior Data Protection Lawyer leads efforts to embed a strong data protection risk management culture across the Firm as part of the OGC team.
• They assess and enhance compliance controls to meet regulatory objectives and ensure the Firm's compliance activities remain current and fit for purpose.
• They ensure that risk management strategies are documented, including in policies on the Practice Manual and that these are kept up to date and communicated to appropriate audiences. KNOWLEDGE, SKILLS & EXPERIENCE ACQUIRED
• The Senior Data Protection Lawyer must be a qualified lawyer possessing significant data protection experience in private practice and risk and compliance expertise within a leading international law firm or equivalent organisation.
• They must demonstrate proven leadership and line management experience, with a strong ability to influence, persuade, and command respect across the Firm.
• They must possess an in-depth understanding of the regulatory regime that law firms operate within.
• They must exhibit resilience, strength of character, and a practical, solution-driven approach to challenges.
• They must be capable of tailoring their approach to deliver clear, concise, and logical advice across international boundaries, mindful of cultural differences.
• They must ensure confidentiality and discretion in all matters and contribute to the Firm's overall success through collaborative teamwork and independent leadership.
• They must have an eye for detail whilst being able to see ‘the big picture'.
• They must be flexible, commercial and solution driven in approach.
• They must be able to be a ‘lawyer to the lawyers' and demonstrate the judgment, experience and insight which would command respect from that population.
• They must be able to work to deadlines, juggle multiple projects, and deliver under pressure. OUR FIRM
Addleshaw Goddard is a place where you are valued, encouraged, and challenged to fulfil your potential in a supportive and collegiate environment. Our culture of improvement, growth and collaboration delivers results, drives innovation, and rewards ambition.
We not only provide technical excellence and experience but, crucially, demonstrate real insight into our clients and what really matters to them and as such we are natural choice for FTSE100 clients and their equivalents in other markets.
Our success has been built by people from the widest range of backgrounds, locations, and perspectives. We have a number of employee networks that provide space to discuss the differences that make us who we are and celebrate this at AG. OUR APPROACH: IMAGINE THE BEST YOU CAN BE
Everything we've accomplished can be traced back to our people and the way we work. Our reputation is something we are proud of, and constantly invest in.
Here, you'll do high calibre work, with high-character colleagues who care for one another and our clients.
Are you up for the challenge?
Read Less
