Associate General Counsel, Privacy and Cyber Risk

| Greater Boulder Area

Responsible for supporting the development, implementation and maintenance of the Company's Global Privacy and Data Protection program with the goal of ensuring compliance with all applicable laws and regulations globally. The position reports to the Chief Compliance and Privacy Officer who reports to the General Counsel. The position will interact with departments/business units across the Company; provide legal advice and support to HR, IT, Information Security and Cyber Defense functions; and oversee and manage two privacy and data protection compliance specialists.


Essential Functions

Supporting the company’s Compliance and Privacy function:

·         Develops, implements and maintains the Company’s Privacy and Data Protection policies, processes and procedures.

·         Monitors changes in Privacy and Data Protection laws and regulations globally to ensure Company adaptation and compliance, including all required country registrations.

·         Provides legal advice regarding the implications of new privacy and data protection laws and regulations globally that impact the Company’s business.

·         Identifies and implements data privacy best practices.

·         Provides strategic guidance to Departments/Business Units in the design and evaluation of Privacy and Data Protection related tools and projects (e.g., privacy-by-design).

·         In coordination with the Compliance Director for Training and Awareness, identifies and helps develop Privacy and Data Protection communications and trainings.

·         Collaborates with Information Security to ensure alignment between Cyber Security and Privacy and Data Protection practices. Manages the review of data protection impact assessments and provides support and guidance for such assessments.

·         Collaborates with and supports the commercial legal and contracting functions on the drafting, review and negotiation of Privacy and Data Protection matters related to customer, vendor, and third-party contracts (e.g., data transfer agreements, model clauses, privacy notices/policies).

·         Serves and supports activities with regulatory and data protection authorities for matters relating to privacy and data protection (e.g., UK’s ICO and FCA, US state attorneys general, etc.).

·         Implements and oversees a process for receiving, documenting, tracking, investigating and acting on all internal and external Data Subject Access Rights requests (e.g., changes to/deletion of information from systems) and complaints. Investigates complaints about breaches of applicable regulations. Maintains a log of incidents of remedial actions.

·         In collaboration with other Company departments (e.g., Information Security, Vendor Management, Enterprise Risk Management, Legal, Internal Audit) establishes an internal and external Privacy and Data Protection due diligence, monitoring and audit program.

·         Manages the collection, analysis and reporting of Privacy and Data Protection program data and metrics for continuous process improvement.

·         Participates in client meetings, sponsor audits and regulatory inspections for questions related to Privacy and Data Protection.

·         Participates in data security incident responses affecting the Company, and leads on understanding privacy impact assessment and breach notification obligations. 

·         Acts as primary legal privacy advisor on matters related to HIPAA, PCI compliance, TCPA, and other data privacy and data protection laws.

·         Coordinates cross-functionally to provide data privacy support and guidance with respect to the Company’s records management program.

Qualification Requirements


·         Completion of law school with a J.D. or L.L.B. degree and admission to the bar and in good standing in at least one jurisdiction in the United States required.

·         7+ years of legal experience as a practicing attorney, with at least 2 of those years advising on global data protection/ privacy laws and requirements.

·         Experience as in-house counsel and litigation/law firm experience strongly preferred.

·         Experience with U.S. and international privacy program development and management preferred, with particular emphasis in the financial services and technology software environments.

·         Experience with US data breach laws and incident response.

·         Experience advising on cyber risk and IT compliance issues. 

·         Knowledge of US, Canada, European, and APAC privacy and data protection laws, regulations and best practices (CASL, CAN-SPAM, PCI DSS, HIPAA, GDPR, Privacy Shield, APEC’s CBPR, etc.).

·         Innovative, forward-thinking and results-oriented with a passion to solve complex problems in a creative and pragmatic way and to translate laws and regulations into actionable policies and procedures that enable business objectives.

·         Demonstrated ability to influence and drive internal and external stakeholders to a decision in a matrix corporate environment.

·         Ability to work independently, meet tight deadlines and work effectively in a multi-functional, international team environment.

·         Ability to manage a small team of privacy compliance specialists.

·         Excellent interpersonal skills, work ethic, and team/collaboration experience.

·         Strong investigative, analytical, communication, and writing skills.

·         Demonstrated ability to get things done and stay mission focused.

·         Strong sense of ownership and accountability, ability to make decisions efficiently and quickly.

·         IAPP certification(s) (CIPP/US, CIPP/E, CIPM) preferred. 

It is the policy of IHS Markit to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, IHS Markit will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. For candidates in the US, we are a participant in E-Verify (see link below).

Read Full Job Description

Technology we use

  • Engineering
    • .NETLanguages
    • C#Languages
    • C++Languages
    • JavascriptLanguages
    • jQueryLibraries
    • ReactLibraries
    • AngularJSFrameworks
    • ASP.NETFrameworks
    • Node.jsFrameworks
    • CassandraDatabases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases


Our neighbors are Ozo, Upslope Brewing Company and many rotating food trucks! Bike to work (yours or borrow ours), ample parking, bus stops nearby

An Insider's view of IHS Markit Digital

What’s the vibe like in the office?

Uniqueness and creativity can be seen in all areas here! We have a digital community bulletin board where you can buy, sell, or post just about anything (seriously, anything!), a company sponsored picnic that includes spirited cornhole competitions, and regular group outings like running or cycling, before, during, or after work.


Director, Business Development

How do you collaborate with other teams in the company?

My teammates and I come from a diverse set of backgrounds and combine our unique perspectives to provide innovative solutions to problems. As a result, our products push new boundaries and delight our clients.


Product Management Director

How has your career grown since starting at the company?

IHS Markit Digital has provided me a unique set of opportunities, giving my career a healthy jumpstart. I joined as a college summer intern 3 years ago, and am now a full-time Product Analyst! I love the sense of community here, and value working with a leadership team who provides both a supportive and challenging work environment.


Sr. Product Management Analyst

How would you describe the company’s work-life balance?

Our culture promotes hard work while also living a fulfilling life outside of the office. We all love spending time working together on challenging projects, and when the time comes to get away, the support is felt throughout the company. Whether it's an extended vacation or volunteer opportunity to give back to our community!


Associate Creative Director, UI Design

What are IHS Markit Digital Perks + Benefits

Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Retirement & Stock Options Benefits
401(K) Matching
Child Care & Parental Leave Benefits
Generous Parental Leave
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Stocked Kitchen
Recreational Clubs
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences

Additional Perks + Benefits

Pet insurance, ECO pass, loaner bikes and secure bike storage, showers + locker room onsite, food trucks every day and regular visits from Sweet Cow Ice Cream.

More Jobs at IHS Markit Digital18 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
Project Mgmt