About the firm
Companies, investors and government entities around the world turn to Alvarez & Marsal (A&M) for leadership, action and results. Privately held since its founding in 1983, A&M is a leading global professional services firm that provides advisory, business performance improvement and turnaround management services. When conventional approaches are not enough to create transformation and drive change, clients seek our deep expertise and ability to deliver practical solutions to their unique problems.
With over 10,000 people providing services across six continents, we deliver tangible results for corporates, boards, private equity firms, law firms and government agencies facing complex challenges. Our senior leaders, and their teams, leverage A&M’s restructuring heritage to help companies act decisively, catapult growth and accelerate results. We are experienced operators, world-class consultants, former regulators and industry authorities with a shared commitment to telling clients what is really needed for turning change into a strategic business asset, managing risk and unlocking value at every stage of growth.
To learn more, visit: AlvarezandMarsal.com.
Summary
The Privacy Counsel will assist and report to A&M’s Senior Privacy Counsel in support of A&M’s global data protection program, including legal counseling, privacy program initiatives, regulatory compliance, and day-to-day privacy matters impacting A&M’s business units and corporate functions.
Responsibilities
- Monitor global legal developments; identify, research, and evaluate current and emerging data protection laws and regulatory guidance and their impact on A&M.
- Support privacy program initiatives and accountability, including privacy notices and policies; data inventories / records of processing activities; privacy by design; data protection impact assessments; legitimate interest assessments; data transfer impact assessments; individual rights; maturity assessments; and training and awareness. Responsibilities in this area include both substantive privacy analysis, and project and process management.
- Work cross-functionally with Information Technology and the Global Security Office on privacy by design, information security policies, and security incident response; and, with Human Resources, Global Marketing, Finance, Compliance, and Internal Audit on company initiatives, privacy guidelines, and day-to-day privacy matters.
- Support A&M’s business units, internal functions and commercial attorneys in drafting and negotiating DPAs, BAAs, and other privacy agreements, and in responding to client privacy questionnaires and diligence requests.
- Help manage A&M’s response to data subject requests (access, deletion, etc.).
- Support the development of privacy guidelines and supporting communications, and development of privacy content for the firm’s Global Compliance and Privacy & Data Protection intranet pages.
- Support the firm’s use of enterprise governance, risk, and compliance (GRC) tools.
- Serve as a data protection advocate throughout the firm.
Required Skills and Qualifications
- Juris Doctor (or equivalent for non-US lawyers) from an accredited law school, in good standing.
- IAPP certification (e.g., CIPP/US, CIPP/E, CIPM)
- Prior law firm, in-house corporation, or consulting experience with full-time focus on privacy.
- Strong knowledge global privacy laws, including but not limited to GDPR and similar non-EU laws, CCPA, HIPAA, and CAN-SPAM/global anti-spam regulations.
- Excellent verbal and written communication skills.
- Excellent contract drafting and negotiation skills.
- Strong interpersonal and influencing skills.
- Strong project management, organizational and time management skills, with the ability to manage and execute on multiple projects and tasks simultaneously. Flexibility to adapt to the needs of the business and handle ad hoc and urgent projects.
- Sound legal judgment and business awareness, comfortable with a commercial and not overly theoretical approach.
- Team player.
- Highly motivated self-starter.
- Demonstrate A&M Core Values.
Desired Skills and Qualifications
- Project management or consulting experience.
- Experience implementing a privacy compliance program.
- Familiarity with ISO 27001/27701 or other internationally recognized controls frameworks.
- Familiarity with GRC platforms / privacy information management systems.
- Proficiency with Excel and PowerPoint.