We are working with a Global Leading Insurer, who are looking for a Privacy Counsel to join their team on a permanent basis. They are offering hybrid working, competitive salary, bonus and benefits.
They are seeking an experienced Privacy Lawyer to join the Privacy Team and support the Privacy Director in ensuring compliance with privacy and data protection laws. The team provides advice and guidance on a broad range of privacy and data protection issues as they relate to both their (re)insurance business and to their corporate functions.
Key Responsibilities
- Provide commercially focused, pragmatic advice on compliance with international privacy laws, including UK and EU GDPR.
- Draft, review, and negotiate privacy contracts and documentation.
- Advise on privacy-related due diligence for third parties (onboarding, monitoring, offboarding).
- Collaborate with business teams and build strong internal relationships.
- Assist the Privacy Director in managing privacy risks and maintaining controls.
- Promote and embed Privacy by Design and Privacy by Default principles.
- Act as a subject matter expert for key privacy initiatives and projects.
- Advise on data protection impact assessments (DPIAs).
- Draft privacy notices and consent language for processing activities where needed.
- Support investigations and incident management related to data breaches or suspected privacy violations.
- Handle subject access requests and other data protection rights requests within required timeframes.
- Assist with managing complaints or communications related to data protection and privacy.
- Monitor and advise on changes in privacy laws, regulations, and case law, assessing their impact.
- Maintain up-to-date knowledge of emerging technologies and industry trends.
- Network with privacy, data protection, and information security professionals to share and gain insights.
- Assist with management reporting and provide updates to Boards and Committees across the UK, EU, DIFC, and Bermuda on privacy matters.
- Ensure internal policies are regularly updated.
- Deliver in-house privacy training and awareness sessions.
- Identify opportunities for continuous improvement in privacy operations.
- Comply with all relevant regulatory requirements, including the Senior Managers and Certification Regime, Solvency II, fair treatment of customers, Financial Crime, Data Protection, Conflicts of Interest, and Whistleblowing policies, while adhering to the businesses core values of integrity and customer focus.
Skills and Experience
- Lawyer qualified in England and Wales, or other international jurisdiction and able to practise in-house in London.
- 5+ PQE preferred, but we will consider applications from all candidates with the relevant experience.
- Expert knowledge of EU/UK data protection laws, regulations and practice.
- Good knowledge of other international privacy laws, regulations (e.g. U.S., Switzerland, Bermuda, DIFC, other global laws and regulations).
- (Re)insurance sector experience and understanding of Lloyd's/London Market highly desirable.
- Understanding of issues relating to use of personal data as part of advanced analytics/emerging and complex technologies (e.g. Generative A.I.)
- Experience of working with Information Security, third-party risk management, and Data Governance teams.
- Experience of working on a multinational data protection programme.
For more information, please apply.
Please note our advertisements use PQE/salary levels purely as a guide. However we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.
Please note that your personal information will be treated in accordance with our Privacy Policy.