The Data Privacy Attorney performs highly advanced legal work. Work involves providing counsel and related services primarily related to data privacy, data management, cybersecurity, and intellectual property matters in connection with TRS business activity and compliance requirements; providing general legal counsel and representation to agency board of trustees and executive management; and providing research and other legal support. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment.
Detailed Position Description:
Data Privacy Counsel
- Reviews and analyzes documents, fact situations, and relevant laws and rules, and provides legal services and advice to the General Counsel & Chief Compliance Officer (CCO), Chief Information Security Officer (CISO), agency management including the Board of Trustees and Executive Director, and other agency staff regarding data privacy, data management, cybersecurity, and intellectual property matters.
- Monitors and analyzes changes in laws, regulations and industry and advises appropriate organizational leadership of such changes in a timely manner.
- Identifies and anticipates potential or future legal and operational issues that present a risk to TRS and engages with others to identify potential solutions. Ensures that risks are effectively measured, monitored, and controlled.
- Participates in the review and coordination of potential privacy or data security incidents, including investigations, notifications, and other resolution efforts.
- Manages e-discovery and litigation/responses to regulatory actions relating to data security, data privacy, and intellectual property matters.
- Manages incident investigation teams composed of various stakeholders. Coordinates notifications and resolution efforts.
- Partners with the CISO and Privacy Officer on cybersecurity and data protection strategy and assists with the implementation of the strategy at all levels for all types of TRS information and data.
- Provides legal advice on intellectual property laws, including trademark and copyright registrations and protection.
- Develops, implements, updates, and enforces policies and procedures related to data privacy, data management, cybersecurity, and intellectual property matters.
- Develops and delivers legal training and written guidance to internal customers.
General Legal Counsel and Representation
- Attends meetings of the Board of Trustees, Board committees, and Information Security committees as directed; assists with preparing meeting materials, such as drafting proposed resolutions, meeting minutes, and related materials; and delivers presentations as assigned.
- Coordinates with the Office of the Attorney General on agency litigation; researches and analyzes legal issues and prepares legal memoranda; gathers and reviews evidence and prepares discovery responses and affidavits; and assists in defense or prosecution of litigation.
- Represents the agency as assigned in meetings and negotiations with other attorneys and external participants, including executive and legislative branches of Texas state government.
- Works with outside counsel on assigned matters, including managing workflow and evaluating work product.
Research and Support
- Conducts legal research with respect to assigned or referred matters.
- Assists in the preparation of contracts, memoranda, briefs, rules and amendments to rules, resolutions, policies, guidelines, procedures, pleadings, letters, or other materials as assigned.
- Tracks deadlines and takes appropriate action on assigned matters.
- May coordinate the related work of legal assistants, specialists, and support staff.
- Leads or participates in special projects as assigned.
- Performs related work as assigned
WHAT YOU WILL BRING
- Juris Doctor (J.D.) degree from an accredited law school.
- Seven (7) years of full-time experience as a practicing attorney in at least one of the following areas: data privacy and security (US and internationally), cybersecurity, data security, intellectual property, and related areas.
- Experience with data incident response, compliance, and investigations.
- Experience counseling clients on privacy compliance matters.
- Experience advising clients in a wide range of data privacy laws, including US federal and state privacy and data security laws and regulations (including the new California Privacy Act, NY SHIELD law, Electronic Communications Privacy Act of 1986 (ECPA), Fair Credit Reporting Act (FCRA), Gramm-Leach-Bailey Act (GLBA) and breach notification laws, among others), as well as the General Data Protection Regulation (GDPR) and other international privacy and data security laws
- Experience may be concurrent.
Registration, Certification, or Licensure:
- Licensed to practice law in the State of Texas and a member in good standing of the State Bar of Texas; or hold a valid, active law license issued by another state and be eligible for Texas licensure under Board of Law Examiners Rule 13: Applicants From Other Jurisdictions (candidate must obtain Texas license within eight months of hire date).
Application Submission Information: