We're looking for a Privacy Lawyer, Director. This is a big role and one that's critically important to Index Exchange. We need this person to bring deep subject matter expertise in global privacy laws, as well as commercial expertise to drive our ongoing commitment to a robust and dynamic international privacy program that respects our legal obligations and supports the growth of our business. We don't mind if this person sits in London, New York or Toronto, as long as they can deliver subject matter expertise and build relationships on our team, in our company, and with our external partners. Passionate, curious, and eager; we want someone keen to enjoy the momentum that a fast-moving company offers. More than anything, we need someone authentic – we want to know you, what you stand for, how you approach things, and why.

Here's What You'll be Doing:
  • Maintaining and scaling a comprehensive, strategic global privacy program for a rapidly growing, global company, including a focus on both internal and external privacy requirements (data protection impact assessments, data mapping, employee data management and privacy by design)
  • Engaging in regular communications with product/engineering teams to ensure alignment of the privacy program with Index Exchange's product roadmap (including regarding anticipated changes to the Transparency and Consent Framework)
  • Representing Index Exchange's privacy interests with external parties (state or local government bodies, regulators, industry stakeholders and/or strategic partners)
  • Developing risk assessment, documentation and mitigation protocols, including processes for investigating and responding to privacy and security complaints or breaches
  • Establishing and maintaining strong relationships within Index Exchange's legal department, across all business units and with external stakeholders

  • Working with Index Exchange's senior leadership to ensure the privacy program meets needs across stakeholder groups
  • Supporting the General Counsel and Associate General Counsel by identifying legal, regulatory and compliance requirements, risks, and appropriately mitigating these risks
  • Cultivating high engagement with industry stakeholders and groups globally (i.e. IAB)
  • Researching and responding to general inquiries related to compliance matters, including GDPR, CCPA/CPRA, PIPEDA, and global privacy-related matters, and advising as to appropriate responses
  • Serving as the internal expert for all privacy related issues; working closely external counsel as required

  • Conducting ongoing compliance monitoring activities, including routine reviews of our policies and compliance programs
  • Developing, delivering, and overseeing ongoing privacy training for Index Exchange employees
  • Managing data subject access rights to inspect, amend, and restrict access to personal data when appropriate

Here's What You Need:
  • Hold an LLB/JD degree from a recognized university
  • Have 3-5 years of post-qualification privacy experience from a private practice and/or in-house environment (including experience with GDPR, CCPA/CPRA, PIPEDA, COPPA, etc.)
  • Be a member in good standing with your applicable bar(s) (as noted above, we are open to a Canadian, US or UK bar call)
  • Enjoy juggling multiple matters at once and prioritizing accordingly
  • Have excellent written/verbal communication and advocacy skills
  • Experience in the digital advertising or technology industries is a strong asset but not a requirement.

Why You'll Love Working Here:
  • Comprehensive health, dental, and vision plans at no cost to you
  • Time off and flexible work schedules
  • Retirement plan with a 5% company match
  • Stock options and equity packages
  • Generous parental leave
  • Monthly wellness stipend plus fitness discounts and quarterly wellness group activities
  • Home office stipend
  • Community engagement opportunities and donation-matching program
  • Annual virtual company retreats and regular community-led team events