Reporting to the Chief Privacy Officer, the Senior Corporate Counsel, Privacy works with cross-functional partners to drive the continued implementation of The Home Depot’s Privacy and Data Governance Programs, including developing and enhancing corporate policies and business-specific processes and procedures related to privacy and data governance. The Counsel collaborates with IT Security to manage the company’s privacy and data security training program, including development and execution of activities to promote privacy awareness within the company. S/he serves as the subject matter expert to the company on issues of data governance and provides expert advice and strategic operational guidance to all functions across the company. The Counsel collaborates with other members of the Legal Department and business functions to analyze and assist with pertinent privacy and data governance aspects of legal agreements. S/he oversees or assists with and helps investigate, manage and mitigate privacy incidents, complaints, or breaches.
Specifically, the Counsel will:
- Collaborate with the Data Governance business team to drive creation and implementation of enterprise-wide cross-functional initiatives bridging both the legal and technical aspects of data governance, including collaborating with business teams on projects that involve any of the upstream or downstream data flows and processes.
- Provide counsel, strategic advice and business guidance on privacy and data governance matters across all lines of a dynamic retail business, with specific emphasis on supporting the company’s data strategy and issues related to customer communications and analytics.
- Drive thought leadership of, develop, and implement data governance strategies and processes to ensure the classification, confidentiality, privacy, security, retention, and lawful disposition of customer and employee data.
- Collaborate with Legal, Privacy, Data Governance, Operations, Internal Audit, Compliance, IT, and other business units to enhance and mature already existing programs consistent with established frameworks.
- Guide, advise, and develop best practices for the application of data governance principles to enterprise-wide initiatives.
- Provide guidance on compliance with global data governance, privacy and data security laws, regulations, industry standards, self-regulatory requirements, and best practices applicable to the retail industry (primarily North America).
- Review and negotiate privacy and data governance contractual issues that arise in a wide variety of commercial transactions.
- Assist the Chief Privacy Officer in the execution and continuous improvement of The Home Depot’s Privacy and Data Governance Programs, including policies and procedures as they relate to customers and associates.
- Understand the technologies that create data governance and privacy challenges and keep current on legislative, judicial and regulatory data governance and privacy and data security developments in order to understand and communicate the effect of such developments on The Home Depot’s business.
- Provide perspective on legislative, regulatory, or other policy initiatives as needed by Government Relations Team and Chief Privacy Officer.
- Assist the Incident Response Team in the review and coordination of potential privacy or data security incidents, including investigations, notifications, and other resolution efforts.
- Develop and deliver privacy and data security training and awareness programs.
Knowledge, Skills, Abilities and Competencies
- Ability to lead thought on data governance and data privacy issues and a proven record of accomplishment applying this expertise to enterprise-wide programs and initiatives
- Capacity to represent legal perspectives in a large, cross-functional, collaborative environment
- Excellent verbal, written and interpersonal communication skills
- Ability to prepare and assist in preparation of reports and presentations to officers and executives as appropriate.
- Ability to confront conflict and difficult issues in a professional, assertive and proactive manner.
- The self-starting ability to aggressively tackle new responsibilities and initiatives without receiving sufficient training or completely clear direction.
Qualifications & Experience
- 8+ years of legal practice, including experience as in-house counsel
- IAPP Privacy Certification such as CIPP or CIPM highly preferred.
- JD with a strong academic background
- Strong customer service focus
- The ability to identify and analyze complex legal issues
- The ability to work independently in a fast-paced environment
- Member of a state bar
- Demonstrated legal project management experience; solid organizational and time management skills
- Experience with developing and implementing a data governance program or significant components of a comprehensive data governance program
- Demonstrated privacy, compliance or other form of operational experience translating legal and regulatory requirements into simple, practical processes and practices
- Demonstrated ability to independently drive and timely deliver on large, multi-faceted and complex projects
- Demonstrated knowledge and experience with privacy and data governance laws and regulations and ability to translate that knowledge to deliver relevant and actionable guidance to the business. Specifically, possess strong substantive knowledge of legal and self-regulatory privacy and data security requirements globally (primarily North America), including, but not limited to, California Consumer Protection Act, GDPR, PCI-DSS, Online Behavioral Advertising Principles, State Data Protection laws, including Breach Notification laws, FTC Act, TCPA & TSR, CAN-SPAM, COPPA, CASL, PIPEDA and various other federal, state and municipal privacy laws and industry regulations.
Application Submission Information:
Please send CV and cover letter to firstname.lastname@example.org