This is a non-billable, internal position and is responsible for developing, implementing and maintaining an organization-wide Privacy & Vendor Management Program, including development of policies, procedures and training programs; and drafting and negotiating data privacy provisions and legal terms to protect Seyfarth Shaw LLP’s interests and comply with applicable laws. This role will reside within the Firm’s Office of General Counsel reporting to the Senior Director of Compliance and Information Governance and will serve as a primary point of contact with administrative departments and Firm lawyers related to Seyfarth’s global procurement and data protection program. Job Description Design a vendor risk assessment and quality management system for the Firm and major contracts Function as an internal subject matter expert on data protection by providing guidance and direction on privacy related issues Manage the Firm’s General Data Protection Regulation (GDPR) framework, including updating and publishing Standards, Policies, standard operating procedures, data protection impact assessments and other required documentation Monitor adherence to strict confidentiality and security provisions and identify candidates for vendor security assessments and audits, as necessary Identify and track high risk vendors holding personal information and sensitive personal information and obtain executed data processing agreements, when necessary Proactively track completion of agreements through execution and upload same into the Firm’s centralized contract database Develop and administer the Firm’s vendor procurement program by reviewing supplier agreements and standard terms Formulate and communicate Firm-wide procurement procedures and supplier privacy requirements in order to improve procurement process Collaborate with the Office of General Counsel, Information Technology, Operations and Finance/Accounts Payable in order to deliver business needs, realize procurement value and reduce risk to the Firm Assist with the creation of documentation necessary to support Firm’s compliance with global privacy regulations, laws and client expectations as defined in their Outside Counsel Guidelines Assist Office of General Counsel in responding to potential vendor breach incidents Complete other projects as required to meet the Firm’s goals and objectives Qualifications Licensed attorney in good standing in any US jurisdiction and at least 5 years of experience at a top law Firm or in-house counsel position and excellent academic credentials required Strong working knowledge of U.S. and international privacy laws, including; Privacy Shield, GDPR and ePrivacy; high level of understanding with HIPAA and HITECH regulations. Willingness to stay abreast of emerging laws and regulations surrounding data privacy both nationally and internationally. The ability to update privacy policies and negotiate and draft master services agreements in accordance with global privacy requirements Experience reviewing, negotiating and facilitating the completion of contractual agreements Experience with the development of guidelines, training and tools to support privacy accountability and compliance The ability to communicate complex legal, technical and business concepts and requirements to non-legal professionals Certified Information Privacy Professional (CIPP) preferred