Mandatory Skills/Experience:
- At least 12 (twelve) years of legal experience, including experience in NYC government and intergovernmental affairs or implementing and supporting an enterprise privacy program.
- Bar Admission:
- Admission to the New York State Bar and in good standing.
- Demonstrated Experience in Key Privacy Legal Tasks: Verifiable experience within the specialized privacy law experience must include substantial, hands-on proficiency in:
- Providing legal advice on a range of complex U.S. privacy and data security laws and regulations (e.g., NYC Identifying Information Law, GDPR implications for US entities, CCPA/CPRA, HIPAA, state breach notification laws, and other relevant federal, state, and local statutes).
- Drafting, reviewing, and negotiating a variety of privacy-related legal documents and commercial agreements (e.g., MOUs, NDAs, data sharing/processing agreements, terms of service, master service agreements with privacy implications).
- Developing and drafting organizational privacy policies, internal/external legal guidance, compliance materials, and templates.
- Conducting or providing significant legal support for privacy impact assessments, data protection impact assessments, or similar privacy risk analyses.
- Advising on the privacy and data security implications of new or emerging technologies, digital services, or data use initiatives.
- Supporting the implementation or operation of components of an enterprise-level or significant organizational privacy program.
- Monitoring, analyzing, and advising on privacy-related legislative and regulatory developments and their impact.
- Communication, Advisory & Collaboration Skills:
- Demonstrated experience in providing strategic legal counsel and clear advice on complex privacy matters to senior leadership, government officials, or equivalent executive-level stakeholders.
- Proven ability to communicate complex legal and policy concepts clearly, concisely, and effectively (both written and verbal) to diverse audiences, including non-legal and technical stakeholders.
- Verifiable experience collaborating effectively within interdisciplinary teams (e.g., with IT, policy, operations, other legal counsel) to develop and implement privacy solutions.
- Possession of at least one active IAPP (International Association of Privacy Professionals) certification (e.g., CIPP/US, CIPP/E, CIPM, CIPT, AIGP).
Spruce Technology, Inc. is a mid-size, award-winning (Inc 5000, SmartCEO, Entrepreneur of the Year) technology services firm with a steadily growing portfolio of commercial and government clients. Spruce provides innovative technology solutions, specialized IT staff, and IT strategy consulting nationwide. Spruce maintains partnerships with major technology vendors and continually develops leading-edge offerings in service areas such as digital experience, data services, application development, infrastructure, cyber security, and IT staffing.
Spruce Technology, Inc. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Consistent with the Americans with Disabilities Act, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process.
Never miss an opportunity! Create an alert based on the job you applied for.
