Data Privacy & Security Attorney
Escondido, CA 
Posted Today
Job Description

Purpose: The Data Privacy and Security Attorney will monitor internal compliance, inform, and advise on Blanchard's data privacy obligations. This role will also provide legal support with contract law and support efficient and cost-effective compliance with data security and privacy standards, keeping the company leadership informed about Blanchard's state of network security.

Salary Band: $122,800 - $150,000

Duties include:

Legal Responsibilities

  • Provide legal support to business units and corporate functions on all aspects of contract law with particular emphasis on privacy and cyber security requirements, including consumer privacy.
  • Help the company efficiently and cost effectively achieve compliance with various data security, privacy, and protection frameworks and standards.
  • Advise, counsel, structure and negotiate sales, licensing, joint development, and technology transactions and contracts, including relating to data privacy and security, as well as internally developed and vendor provided Artificial Intelligence products, and supporting firmwide divisions.
  • Review and draft language for RFPs, contracts, and other legal documents related to privacy and data security requirements; negotiate arrangements related to the use and collection of personal information.
  • Review corporate initiatives involving inter-affiliate transfers of personal data to ensure compliance with applicable law.
  • Draft and negotiate technology contracts, including cloud computing agreements, software licenses, and other IT contracts and vendor agreements.
  • Support the creation of policies, procedures, and training to promote awareness of privacy, security, and records management requirements.

Data Privacy/Security Responsibilities

  • Information Security: Help IT develop and implement the framework for the security of our computer networks and data, including cybersecurity measures and response protocols, to mitigate the threat of malware, ransomware, phishing, other cyber attacks, and insider threats.
  • Implement Data Compliance Measures: Ensure implementation and operationalization of compliance measures per IT team guidance in accordance with GDPR, CCPA, and other relevant data privacy laws and regulations. Keep up-to-date with changes in data protection laws and ensure ongoing operationalization in accordance with compliance guidelines.
  • Own the assessing and auditing of computer networks and IT for potential weak points and implementing solutions.
  • Establish documented security measures to detect, prevent, and mitigate cyber attacks and insider threats working with IT.
  • Develop, document, and deploy response protocols for information security, and develop and manage disaster recovery plans for compromised data.
  • Keep the company leadership informed about the state of the network security.
  • Develop proposals for cybersecurity and compliance investments and present them to executive leadership.
  • Data Security Policies: Develop, document, implement, and maintain data security policies, procedures, and guidelines in line with industry best practices.
  • Risk Management: Conduct data protection impact assessments (DPIAs) and regularly review and update risk assessments to identify and mitigate data protection risks.
  • Implement and manage the cyber governance, risk, and data compliance process.
  • Training and Awareness: Educate and train employees on information security, cybersecurity risks, and data protection principles and practices. Foster a culture of security and privacy within the organization.
  • Data Breach Management: Lead the response to data breaches, including investigation, mitigation, notification, and remediation. Maintain records of all data breaches and actions taken.
  • Data Subject Rights: Manage and respond to data subject access requests (DSARs), ensuring that individuals' rights to access, rectification, and erasure of their personal data are respected.
  • Vendor Risk Management: Ensure third-party vendors comply with Blanchard's data protection policies and contractual obligations regarding data protection. Ensure that consistent vendor management processes are in place to mitigate information security risks arising from vendor relationships.
  • Documentation and Reporting: Maintain comprehensive records of data processing activities and regularly report on data protection compliance to senior management and regulatory authorities as required.
  • Advisory Role: Provide expert advice to the executive team on data protection and privacy issues, ensuring that data protection is considered in all company decisions and projects. Ensure that the objectives of the cybersecurity program are in line with the business goals.

Knowledge, Skills & Abilities

  • In-depth understanding of GDPR, CCPA, and other data protection regulations.
  • Experience in budget management and financial forecasting.
  • Excellent project management and communication skills.
  • Ability to thrive in fast-moving and cross-functional environments.
  • Proficient in information security management frameworks, such as NIST and ISO/IEC 27001.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills, with the ability to communicate and explain complex data protection concepts to a range of audiences.

Aptitude:

  • High level of integrity
  • Ethical judgement
  • Attention to detail
  • Ability to handle sensitive and confidential information responsibly
  • Excellent written and verbal communicator
  • Strategic thinker

Education & Experience:

  • JD from an accredited law school
  • Bachelor's degree in computer science, IT, information security, or a related technical field. Advanced degree or certification in computer science, information security, or cybersecurity is highly desirable.
  • 5 years of experience working as an attorney in a law firm or corporation preparing and negotiating SaaS, sales and technology contracts.
  • 3 years of experience working with or in a CISO or DPO division, owning data security functions, information security, risk management, and/or cybersecurity.
  • Relevant certifications such as CIPP/E, CIPM, or CIPT are desirable

Work Environment: Normal office environment to include walking between buildings, lifting, carrying resource materials in excess of 20lbs, and occasionally moving furniture and climbing a ladder. Sitting for extended periods of time to read, write, and operate a computer at a desk. Requires adaptability, quick decision making, ability to interpret data, dependability, good judgment, reading, social skills, stress controls, and ability to work independently.

Blanchard is an equal opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.

#LI-Remote


  • We are an equal opportunity employer that values diversity. EOE AA F/M/Disabled/Veterans.

 

Job Summary
Company
Start Date: As soon as possible
Employment Term and Type: Regular, Full Time
Required Education: Bachelor's Degree
Required Experience: 5+ years