Privacy Counsel (NQ – 3 years PQE) - UK & EU
We have an exciting career opportunity for a privacy lawyer to join the Privacy Centre of Excellence (COE) in a UK & EU role. This position provides great flexibility and visibility across the business for a driven candidate. Data is fundamental to our client services at Marsh, and we pride ourselves on being responsible stewards of the large volumes of global data we are entrusted with, and in our thoughtful design of innovative offerings to help clients manage risks. We are looking for a forward-thinking and collaborative lawyer to join our team. As Privacy Counsel, you’ll report to our Chief Privacy Officer and DPO, UK & EU.
We will count on you to:
To work with diverse business and function leaders globally to help drive our data protection agenda and ensure we follow best practices.
To be part of a dedicated Privacy team that strives to deliver data protection while focusing on client service excellence and innovative digital offering
Provide day-to-day advice and guidance for data protection queries and escalations across all business areas
Provide support with the management of responses to data subject rights requests, as well as privacy-related complaints, audits, and investigations
Negotiate data protection terms in third party contracts and handle escalation from the Legal team, including with respect to matters relating to international data transfers
Serve as an Incident Response Leader on business data incidents, including by providing legal advice and supporting the notification and communication of personal data breaches, both internal and external
Conduct privacy risk assessments and DPIAs, supporting the business to assess key privacy risks in new initiatives
Support the team to keep up-to-date with legal and regulatory developments, guidance and case law, and contribute to the internal Privacy blog
Collaborate with cross-functional teams to advise on compliance with privacy and cyber laws and regulations, responding to queries from colleagues across the enterprise
Work in an environment which will proactively support your development and growth
Be part of a dedicated privacy team that strives to deliver data protection while focusing on client service excellence and innovative offerings
What do you need to have?
NQ – 3 years PQE and experience working in a corporate environment or law firm, with a focus on privacy and data protection
Strong knowledge of UK & EU data protection legislation and an understanding of the broader data law environment
Experience drafting and negotiating commercial contracts, with a focus on data protection terms and security terms
Experience in managing the end-to-end process of data subject rights requests, particularly access requests
Knowledge of international data transfer requirements, including the use of standard contractual clauses and binding corporate rules
Experience conducting legal research and producing summaries and guidance notes for different audiences
Ability to work under pressure in a fast paced and dynamic environment
Ability to work within a matrix environment, managing relationships with different business stakeholders and to problem-solve effectively across multiple geographies
Excellent communication (verbal and written) skills
Strong planning and organisation skills
What makes you stand out:
Business proficiency of European languages (especially French, Spanish or German)
Experience interacting with regulators on data protection and privacy issues
Understanding of information technology systems and their security requirements
Familiarity with data lakes and governance, digital platforms, cookie and other third-party online tracking, and privacy-enhancing technologies
Understanding of AI and developments in the generative AI space, as well as the related regulatory environment
Any CIPP certification

