Company Overview: Blackstone is the world’s largest alternative asset manager. We seek to create positive economic impact and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help companies solve problems. Our $1.1 trillion in assets under management include investment vehicles focused on private equity, real estate, public debt and equity, infrastructure, life sciences, growth equity, opportunistic, non-investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at www.blackstone.com. Follow @blackstone on LinkedIn, Twitter, and Instagram.
The candidate will join the Data Policy and Strategy Office in Blackstone’s Legal & Compliance department to support its cybersecurity, privacy and data protection programs, and to address regulatory and legal issues arising from Blackstone’s processing of personal and confidential data. As experienced Privacy, Cybersecurity, & Data Protection Counsel for Blackstone, you will be responsible for providing advice and driving compliance efforts with respect to global privacy, cybersecurity, and data protection laws in all global jurisdictions. You will be a part of a team tasked with ensuring compliance with privacy, cybersecurity, and data protection regulations, leading initiatives, providing consultative advice, and acting as a point of escalation for privacy and data protection matters.
Primary job responsibilities include:
- Provide guidance on and drive compliance efforts relating to global privacy and data security regulations and standards.
- Track and research global regulatory developments relating to new and pending laws that impact Blackstone's privacy, cybersecurity and data protection program; translate that into practical, effective advice; work with business leaders to address regulatory changes and lead compliance efforts.
- Implement and update privacy, cybersecurity, and data protection related policies, procedures, best practices, and guidelines.
- Administer and resolve privacy and data protection questions and issues that arise in business operations and commercial relationships.
- Review and negotiate privacy and data protection requirements in contracts and licenses, including the review, negotiation and management of Standard Contractual Clauses and Intracompany Data Transfer agreements.
- Counsel on information technology development, acquisition and implementation and data architecture to ensure compliance with global privacy and data protection laws.
- Counsel on regulated and complex uses of personal data including for digital marketing and algorithmic decision making.
- Advise on privacy by design initiatives and privacy governance and strategy decision-making around protecting personal and confidential data.
- Oversee legal and compliance aspects of insider risk and Red Flag programs.
- Counsel on privacy and security incident preparedness and management.
- Provide legal and compliance support and advice regarding data models, data repositories, transfer and distribution of data products.
- Assist with and support other day-to-day legal and compliance matters and processes associated with the privacy and data protection programs as needed.
- Prepare, coordinate, and deliver legal and compliance training regarding privacy, data protection, and information risk management.
- Work collaboratively with intra-team and cross-functional partners to develop creative solutions to complex challenges related to data privacy and security.
- Closely collaborate and align about compliance or related issues with relevant functions.
Qualifications:
- Knowledge of global data privacy regimes including U.S. State Privacy laws, HIPAA, GLBA, FCRA, GDPR, and others.
- Knowledge of incident and breach management laws and techniques.
- Understanding of cloud technology and legal aspects associated with automated decision-making.
- Ability to work in a dynamic environment related to a growing and global business.
- Critical attention to detail and analytical skills.
- Strong drafting and organizational skills.
- Ability to communicate confidently and effectively.
- Ability to manage a team and drive strategic priorities.
- Minimum of eight (8) years of legal experience in a high-quality law firm or in-house environment.
- Minimum of three (3) years of experience within privacy and/or cybersecurity law.
- J.D and license to practice law in at least one U.S. state.
Salary and Benefits:
Expected annual base salary range: $200,000 - $250,000. Actual base salary will be determined by several components including experience, skills, qualifications, and job location. Additional compensation details will be provided as applicable.
Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment. This policy applies to all terms and conditions of employment. If you need a reasonable accommodation to complete your application, please email Human Resources at HR-Recruiting-Americas@Blackstone.com.
To submit your application please complete the form below. Fields marked with a red asterisk * must be completed to be considered for employment.
#J-18808-Ljbffr