Privacy Attorney

Position Summary:

Monster Energy is seeking an experienced and talented attorney to join its Legal Department. In this role, you will provide counseling on a broad range of privacy related requirements and restrictions worldwide, as well as cybersecurity best practices. You will counsel multiple internal client groups and support various privacy initiatives, with a focus both on U.S. and global compliance.

Essential Job Functions:

• Counseling and providing strategic advice regarding processing of personal information under US State and international privacy and data protection laws.
• Update and maintain compliance of Monster’s internal and external privacy policies with general best privacy practices.
• Crafting solutions that contribute to the company’s global business goals while ensuring appropriate management of legal risks.

• Reviewing business activities that collect, use, share, or dispose of data for compliance with law, policy, and best practices.
• Advise on collection, use, sharing, and disposal of personally identifiable information (“PII”) in connection with consumer promotions and customer relationship management.
• Drafting of privacy related consumer notices, as well as drafting and negotiation of intra-company agreements, and vendor/business partner data agreements.
• Maintaining expertise in privacy and data law, including monitoring developments and emerging legislation around the world.
• Managing periodic audits of and updates to the company’s vendor contracts, websites, digital marketing tools, and policies and procedures for compliance with current best practices.
• Strategize with the company’s cross-functional teams with respect to data classification, data retention, and information governance.
• Drafting and updating periodic corporate disclosures in connection with cybersecurity.
• Maintaining familiarity with data governance and leveraging the company’s data to inform, work with, and further strategic compliance initiatives.
• Overseeing individual data subject access requests from intake to fulfillment in multiple jurisdictions, including verification, analysis, and processing of consumer requests (e.g., opt-out requests, deletion requests).
• Advising and working in close collaboration with the company’s compliance, privacy and regulatory specialists, both legal and non-lawyer professionals.
• Providing day-to-day legal guidance and support for all aspects of digital marketing concerning the use and collection of personal identifiable information.
• Counseling on marketing campaigns, programs, and initiatives to ensure compliance with applicable privacy laws, program terms, and best privacy practices.
• Working with non-legal stakeholders to conduct data protection assessment and evaluation in connection with new initiatives.

Collaboration with Information Technology:

• Managing the content of Monster’s consumer privacy policies, terms of use and cookie compliance to ensure consistency with business practices and compliance with applicable privacy laws.
• Assessing cybersecurity posture and controls, both internally and in connection with partner and vendor relationships.
• Collaborating and advising on incident response management.
• Ensuring the organization maintains appropriate privacy consent notices, data processing agreements, and data transfers, in compliance with both domestic and international privacy laws.
• Developing, delivering and implementing privacy and cybersecurity training modules.
• Managing consumer data subject requests, breach determination, and notification processes under applicable rules and requirements.
• Participation in and understanding of data mapping exercises and analysis.

Plusses:

• Beverage industry knowledge.
• Solid technical understanding of information technology and data security (records retention, data deletion, and data storage would also be useful).
• Experience with complex contract negotiations at a major law firm and/or in-house legal department.
• Privacy certifications, e.g. International Association of Privacy Professionals certifications.

Position Requirements:

• Juris Doctor from an ABA accredited law school with strong academic performance.
• Member in good standing of a bar of at least one state.
• Five to fifteen years of experience as a practicing attorney. Minimum five years of experience at a firm, in-house or regulatory agency focused on issues related to privacy, data protection, and information management.
• Expert knowledge of privacy and data protection laws and practices, including U.S. privacy laws - e.g., the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”) – and international privacy laws - e.g., General Data Protection Regulation (“GDPR”).
• Comfortable working with non-legal business professionals in a collaborative manner.
• Team player with strong interpersonal, written, and verbal communication skills with the ability to navigate cross-functionally. Ability to translate complex data and legal issues into essentials, and convey explanations and advice in a straightforward, practical fashion to non-legal professionals.
• Breadth of knowledge and insight on the business and the ability to identify future trends.
• Ability to analyze and devise solutions to legal issues under tight deadlines and with limited supervision.

BASE PAY RANGE: $157,000 - $185,000

Salary : $157,000 - $185,000