Description:
The Role:An American Multinational Corporation is seeking a highly skilled and forward-thinking attorney to serve as Counsel – Privacy, Cybersecurity, and Data, providing legal guidance and strategic counsel across GM's global operations. This role is pivotal in ensuring GM's compliance with global privacy and cybersecurity laws, regulatory obligations, and customer commitments, while enabling responsible innovation across products, services, and technologies.
The successful candidate will serve as a trusted legal partner to GM's Privacy Operations, Software Product & Engineering, IT, Cybersecurity, and Public Policy teams. You will work cross-functionally to embed privacy-by-design and security-by-default principles into GM's product development lifecycle and operational processes.
In this role you will:
- Interpret and advise on global privacy, cybersecurity, and data laws and frameworks.
- Support the ongoing operation and governance of GM's global privacy program, including policies, standards, assurance, and audit readiness, to ensure best in class practices.
- Respond to business inquiries and support enterprise change management in a dynamic regulatory environment.
- Monitor legislative and regulatory developments and collaborate with Public Policy to align advocacy and product strategy.
- Assess and provide strategic advice to operationalize new laws and regulations.
- Build trusted relationships with executives and cross‑functional partners; communicate proactively.
- Advise on consent orders and regulator interactions, including interpreting obligations and guiding submissions.
- Provide legal oversight for privacy impact assessments, records of processing, and risk escalation.
- Counsel on cross-border data transfers, data retention, minimization, and de-identification practices.
- Advise product and software teams on privacy considerations in connected vehicle technologies and digital services, ensuring GM's privacy principles are carried into design and deployment.
- Draft, review, and negotiate data protection agreements (DPAs), standard contractual clauses (SCCs), and other data-sharing terms.
Additional Job Description:
Your Skills & Abilities (Required Qualifications)
- J.D. from an accredited law school; licensed to practice in the U.S.
- 5+ years of legal experience, with significant exposure to privacy, including technology law or regulatory compliance.
- Experience working in a software or technology-driven environment.
- Excellent analytical, communication, and negotiation skills.
- Ability to work independently and collaboratively in a fast-paced, matrixed environment.
- Familiarity with connected devices, cameras, location services, or mobile applications.
- Certifications such as CIPP/US or CIPT.
- Experience in automotive, mobility, or regulated industries.
