Assistant General Counsel, Privacy

We are seeking an Assistant General Counsel, Privacy to join our General Counsel's Office. Reporting to the Chief Privacy Officer, this role presents an exciting opportunity to lead privacy compliance for Thomson Reuters globally, with a primary focus on Canadian and U.S. privacy laws and global cybersecurity regulations. The successful candidate will be a strategic legal advisor who navigates complex regulatory landscapes while enabling business growth and innovation through privacy-by-design principles. 

About the Role 

In this opportunity as Assistant General Counsel, Privacy, you will provide strategic legal counsel and operational leadership across all aspects of global privacy and cybersecurity compliance, including: 

Strategic Legal Counsel & Program Leadership 

• Lead a team of attorneys and privacy professionals 

• Partner with executive leadership and business segments to integrate privacy considerations into business strategy and product development 

• Monitor evolving privacy laws and regulations globally, assessing organizational impact and translating legal requirements into business guidance and operational execution 

• Serve as subject matter expert on specialized legal issues unique to data privacy and cybersecurity 

Privacy Program Management 

• Assist in the design, maintenance, and continuous enhancement of the Thomson Reuters Privacy Program, including drafting privacy policies and establishing governance frameworks 

• Conduct comprehensive privacy risk assessments for products, systems, and operations, providing risk-mitigation counseling 

• Advise on privacy-by-design principles, review Privacy Impact Assessments (PIAs), and conduct risk assessments for new products, services, and business initiatives 

• Assess privacy implications of AI, machine learning, and other emerging technologies 

Cross-Functional Collaboration 

• Work closely with product teams, business lines, Information Security, Data & Analytics, and other internal functions to identify and address privacy risks 

• Lead and/or serve as subject matter expert for privacy due diligence and integration activities as part of mergers, acquisitions, and divestitures 

• Develop and manage procedures for vetting and auditing vendors and third parties on privacy compliance requirements 

• Assist contracting teams in drafting, maintaining, and negotiating data protection agreements 

Incident Response & Compliance 

• Provide legal counsel to cybersecurity teams during privacy incident investigations and breach response, ensuring investigations are conducted and documented appropriately to minimize risks, protect individual privacy, and fulfill legal obligations 

• Oversee consumer/data subject rights (DSR) request processes in collaboration with the Privacy Office 

• Support relationships with regulatory authorities during investigations or inquiries 

About You 

You're a fit for the role of Assistant General Counsel, Privacy if you have:

Education & Credentials 

• Juris Doctor from an accredited law school 

• Active bar admission in at least one U.S. state (Canadian bar admission a plus) 

Experience 

• 10+ years of progressive privacy and data protection legal experience 

• International privacy experience, particularly with Canadian and U.S. privacy laws 

• Experience in fast-paced, technology-driven organizations 

• Proven track record advising on enterprise-wide privacy programs 

• Experience with incident response and regulatory interactions 

• Background in management consulting or law firm advisory services preferred 

Leadership & Skills 

• Strong people leadership experience with ability to build and develop teams 

• Exceptional communication skills with ability to translate complex legal terms into business requirements for diverse audiences 

• Strategic thinking with ability to provide practical, risk-balanced counsel that enables business objectives 

• Deep understanding of global privacy laws (GDPR, CCPA, PIPEDA, LGPD, etc.) 

• Knowledge of information security principles, cybersecurity laws, and data processing operations 

• Strong sense of urgency and results-orientation 

• Proven ability to lead, motivate, influence, and guide cross-functional teams and direct reports 

• Strong interpersonal skills, and fosters a culture of belonging that enables everyone to contribute to their full potential 

• Ethical, with the ability to handle confidential information with discretion 

• Demonstrates a commitment to the company's vision, mission, and values 

Preferred Qualifications 

• Professional privacy certification (CIPP/US, CIPP/C, CIPP/E, CIPM, CIPT, or equivalent) 

• Experience advising content-driven AI companies 

• Experience managing privacy requirements as a service provider to various regulated entities (healthcare/HIPAA, financial services/GLBA, etc.) 

• Technical background in data architecture or cybersecurity

#LI-JK3