Senior Legal Counsel, Data Privacy

Job Title: Senior Legal Counsel Data Privacy

Location: Europe

Aptean is changing. Our bespoke ERP solutions are transforming a huge range of global businesses, from food producers to manufacturers. In a world of generic enterprise software, we provide targeted solutions that bring together the very best technology and drive greater results. With over 3500 employees, 60 different products and a global client base, there’s no better time to advance your career at Aptean.

Are you ready for what’s next, now? We are! If being part of a dynamic, high growth organization excites you and you are eager to learn and grow, then this opportunity is for you! Our fast-paced environment and dynamic Legal department is eager for a mover and shaker to step into this role and become an integral part of our team.

As a Senior Legal Counsel Data Privacy you’ll be a subject matter expert with responsibility for providing data privacy advice and support to the Aptean group of companies. In addition to advising on applicable legislation and how to apply this practically to Aptean’s business operations, this position requires versatility and agility, as you will be guiding and advising a wide variety of stakeholders from across the business and at various levels of seniority.

This role is critical in helping Aptean comply with its data privacy obligations. You will need to be able to operate comfortably and effectively across different jurisdictions, and to promptly identify risks and issues that need to be escalated within the wider team and the company.

Aptean requires someone who is hands-on with a strong professional ethic and the energy, interest, and capability to quickly switch between a broad range of subjects while providing diligent and thorough advice. You will need to be comfortable operating in a small team and the ability to prioritise, manage conflicting priorities and remain calm under pressure is essential.

• Lead, advise on and implement a number of privacy initiatives including data mapping, data retention, DPIAs, SCCs and international data transfer processes.
• Manage data subject rights requests and coordinate their resolution.
• Implement and support privacy and data management framework, policy, procedures and work instructions in partnership with the in-house legal team, IT, security and other cross functional teams.
• Work with current privacy infrastructure, analyse, build and refine processes and assist with undertaking audits and risk assessments.
• Escalate and report on privacy risks and assist with crafting and implementing appropriate legal solutions.
• Train and educate the company’s employees about data privacy compliance responsibilities and obligations by designing and implementing training plans.
• Track and monitor updates and developments to applicable data privacy law and regulation and assist with making program and training changes and recommendations accordingly.
• Act as primary point of contact for members of staff and lawyers on data privacy matters, and as point of contact for relevant data protection authorities.
• Assist with identification and remediation of data incidents involving personal data.
• Assist the Security team with crafting and implementation of information security policies and procedures.
• Advise on marketing and third-party marketing initiatives involving e-privacy compliance and data sharing.
• Review and update fair processing information and privacy notices.
• Assist with negotiation of privacy terms in agreements with customers, vendors and partners.
• Work closely with internal clients from all business units (including Security and R&D teams) to support their objectives.
• Support privacy initiatives for multiple jurisdictions and develop a working knowledge of key local law matters which impact the business.
• Work efficiently across many projects and issues effectively at the same time.
• Liaise with regulatory authorities if necessary.

• Qualified lawyer with in-house legal background, ideally in a software/IT company.
• 8-10 years of experience implementing data privacy initiatives and providing privacy support.
• Data Privacy certification CIPP/E required and CIPP/US desired.
• Experience drafting data privacy addendums, data transfer agreements, policies, notices, disclosures, and other external facing materials.
• Strong working knowledge of GDPR and other key data privacy laws.
• Ability to influence stakeholders and inspire trust and confidence.
• Excellent verbal and written communication and drafting skills.
• Ability to work well independently and in a team in a dynamic, rapidly changing workplace.
• Positive can-do attitude and solution orientated.
• The ability and interpersonal skills to collaborate with employees at all levels.
• Experience in the software industry.
• Experience working with an Information Security team in a software company environment.
• Good knowledge of technical controls and privacy-enhancing technologies (PETs).
• Good understanding of ISO 27001, NIST CSF, SOC 2, and best practices in system hardening, access management, and incident response.
• A combination of in-house company experience and law firm experience is desired.
• Strong work ethic and demonstrated ability to manage a high volume workload with minimal supervision.

If you share our mindset, you can share in our success. To find out more about joining Aptean, get in touch today.