Corporate Counsel – Data Protection
This position reports directly to the Assistant General Counsel and Data Protection Officer (DPO) for ICF International (ICF) within the Office of General Counsel (OGC), and will be based in the company’s Fairfax, VA headquarter location.
The OGC comprises an exceptional team of experienced lawyers, auditors, technology and industry specialists who specialize in providing extensive and general advice on, and managing the handling of, all major legal, regulatory, risk management and reputational issues affecting ICF on both a contentious and non-contentious basis.
The OGC is looking for a talented and dynamic attorney with demonstrated experience to join its fast-growing team. This is a fast-paced, but rewarding position with the opportunity for growth if you are inquisitive, proactive, team-oriented, collaborative, solution-oriented, and enthusiastic about privacy, data protection, intellectual property and technology.
Working as Corporate Counsel – Data Protection, you will be a self-starter and play a key role in supporting and advancing ICF’s multifaceted Global Data Protection and ePrivacy (GDPE) Program and helping ensure ICF’s continued compliance with its related regulatory obligations and contractual obligations while meeting the data steward and data governance expectations of ICF employees, clients, regulators and the public.
Partner with key stakeholders on the Data Protection Team and cross function teams (HR, information security, etc.) to support the evolution of and compliance with data protection and ePrivacy policies, procedures, standards, practices, processes, controls, certifications, audits and other ICF GDPE Program components.
Conduct ongoing privacy and data protection training and awareness activities.
Interact with internal business partners to understand their business processes, projects, initiatives, applications, tools, and technologies and strategically guide them to successfully navigate and embed rapidly evolving privacy and data protection regulatory requirements, controls and related considerations into projects, initiatives, tools, services and contracts.
Guide business team regarding privacy-by-design/default plans and methods and privacy impact assessment submission to ensure existing and new initiatives, services, tools, marketing and contractual activities comply data protection laws and regulations, as well as ICF GDPE Program.
Review existing products, initiatives, services, tools, marketing and contractual activities to ensure compliance with privacy and data protection laws and regulations, contract obligations, as well as ICF GDPE Program and deliver high quality, thoughtful, creative, actionable and timely business savvy advice and guidance under tight deadlines.
Draft, review, negotiate and advise regarding various client-facing, supplier-facing or collaborative-facing commercial and government contracts or RFx as they pertain to privacy, data privacy, data security, intellectual property, cross border/data localization restrictions, etc.
Maintain strong coordination, cooperation and mutual support between the OGC and other departments with compliance obligations such as the internal audit, IT, marketing, HR, contracts and business groups to ensure that roles and responsibilities are effectively fulfilled in the ICF’s GDPE Program and legal and ethical compliance program.
Conduct, guide and participate in legal and regulatory risk assessments.
Manage risk mitigation plans and make recommendations on the appropriate financial investment to accomplish the policies and implement the procedures.
Support the DPO, DPT and Incident Response Team (IRT) in the review, coordination of and response to privacy and data protection inquiries or incidents/breaches from data subjects to government regulators.
Support privacy and data protection-related enforcement, responses to government investigations, or related actions.
Monitor and assess the effectiveness of ICF GDPE Program compliance activity and facilitate related assurance and auditing.
Perform privacy, data protection and IP due diligence M&A reviews.
Maintain expertise on evolving global privacy and data protection statutes, regulations, case law, and standards and help to identify legal issues of critical importance to and impact on ICF.
Additional portfolio activities will vary based on experience of the successful candidate and ICF’s needs but may include intellectual property, licensing, service contracts, marketing and related issues concerning cutting -edge technology innovations.
JD from accredited U.S. law school
Active, good standing member in a U.S. state bar
2+ years preferred of broad and relevant legal experience with law firm and/or in-house experience, much of it spent advising on privacy and data protection matters; 1+ year of supporting enterprise and cloud technology/solutions and related intellectual property considerations
Extensive knowledge of global privacy regimes (ePrivacy, CASL, CAN-SPAM, TCPA, etc.) and as well as best practices and industry self-regulatory codes related to online advertising and social media
Extensive knowledge of global data protection regulatory frameworks (GDPR, PIPEDA, CCPA, US Sectoral areas, HIPPA, PRC Cybersecurity Laws, etc.)
Familiarity with cyber threat landscape, IT/IS risk management, assessment, and standards, (SOC 1&2, ISO/IEC 27001, 27002, 27005, and the NIST Cybersecurity Framework)
The successful candidate for this role also will have:
Intellectual agility, curiosity, and confidence to learn quickly on the job.
Strategic influential, analytical, critical thinker, and solution-oriented skills with superior initiative, demonstrative legal and business acumen and the ability to progress consensus through logical and persuasive demeanor.
Strong proactive work-ethic, exceptional project management and organizational skills, and the ability to adapt, multi-task and prioritize effectively to meet deadlines or business goals in a fast paced continually changing business and work environment, and who can work effectively both independently and collaboratively.
Impeccable oral and written communication skills in communicating with cross functional teams to understand business goals, identify and address business needs; explain complex legal concepts in a clear and simple way that fosters trust and respect, and provide practical legal advice in novel situations that help leadership and staff evaluate and mitigate risk effectively.
Flexibility of style and willingness to engage as a member of multi-disciplinary team while willing to try something new to raise the bar continually and improve experiences with teammates and stakeholders.
Any IAPP certifications, such as CIPP/E, CIPP/US, CIPP/G, CIPM, or CIPT, will be considered a plus; and other certifications in the cybersecurity, risk management, and fraud prevention areas are also a plus. Some proficiency in Spanish and French a plus.
A good sense of humor and an interest in having fun at work are a plus.
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email email@example.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Fairfax, VA (VA01)