Join our talent network

Director of Data Privacy

Job ID: 7296

Updated: Sep 15, 2023

Location: New York, NY, United States

Category: Risk Management


About Kirkland & Ellis

At Kirkland & Ellis, we are united in our ambition and drive to move forward. We share core values that help us achieve excellence: collaboration, talent empowerment, service, inclusion, respect and gratitude. Our people are our greatest asset, and we invest in the brightest talent and encourage a diversity of perspectives and strengths to create dynamic teams that operate at the pinnacle of their field. Our talented professionals show up every day knowing they will engage in meaningful work, continuous learning and professional development.
As one of the world’s leading law firms, we serve a broad range of clients with market-leading practices in private equity, M&A and other complex corporate transactions; investment fund formation and management; restructurings; high-stakes litigation and trials; and government, regulatory and internal investigations. We handle the most complicated and sophisticated legal matters because we don’t just meet industry standards, we create them. We bring innovation and entrepreneurialism to every engagement and, as a result, have long-standing client relationships with leading global corporations and financial sponsors. With 6,500 employees (including 3,500+ lawyers) operating from 19 offices across the United States, Europe and Asia, we are one of the largest law firms in the world and a top financial performer.

Essential Job Functions

The Director of Data Privacy is responsible for shaping the vision, strategy, and sustainable growth of the Firm’s data privacy program, and oversees the operational execution of privacy compliance initiatives. In collaboration with Information Governance (IG) and other Risk Management Leadership, Information Security (SecGov) and Technology (IT) teams, and under the direction of the Office of General Counsel, this position is responsible for a function that will continuously evolve to comply with a global regulatory landscape in which Firm lawyers practice and its clients do business.  This individual leads a trusted team of Privacy professionals charged with protecting client and Firm data through compliance program and policy refinement, client requirement compliance reviews, training and awareness programming, vendor and third-party assessment and compliance, and fostering a culture of data privacy and security across the firm.

Essential Job Functions:

  • Serves as a data privacy advisor for Risk Management senior leadership and the Office of the General Counsel.
  • Articulates strategic vision for comprehensive data privacy program that will proactively support growth of the Firm and its practices aligned with an evolving global legal and regulatory landscape.
  • Advocates for data privacy within the Firm, communicating the importance of data protection to all personnel through a variety of forums (1:1, administrative meetings, practice group meetings, partner meetings, etc.).
  • Ensures the Firm complies with relevant data protection laws and regulations, such as HIPAA, GDPR, PIPL, CPRA and the CCPA.
  • Accountable for ensuring written documentation of all processes associated with managing data privacy compliance up-to-date, factually accurate, and organized in an audit-ready state.
  • In collaboration with SecGov, IT, and IG, designs mechanisms and methodologies for securing personally identifiable information (PII) including, but not limited to, protected health information (PHI), to ensure adequate controls are in place.
  • Oversees the privacy impact assessments program for new projects, initiatives, and technologies, to identify and mitigate potential privacy risks effectively.
  • Responsible for privacy evaluation and compliance review program for client and vendor/third-party agreements.
  • Works directly with administrative staff and legal practitioners to document business requirements and automate privacy processes.
  • Coaches and mentors IG and other Firm personnel on the continual improvement of their knowledge relating to data privacy compliance.

Qualifications & Requirements

  • An advanced degree in information management or law is required, and a J. D. is preferred.
  • 15+ years of experience in privacy compliance is required, with preference given to candidates with CIPP/US, CIPP/E, and/or CIPM certification.
  • Prior success leading the strategic direction and operational initiatives of a data privacy compliance program at a global law firm, multi-national corporation, or professional services firm.
  • Demonstrated understanding of evolving global data privacy laws and regulations and practical, balanced application of knowledge in a law firm.
  • Ability to plan, manage and execute multiple cross-office and cross-functional projects relating to data privacy and information governance.
  • 10+ years of experience in personnel management and team leadership with an aptitude and interest in personnel development.
  • Exemplary communication skills; executive presence and proven track record of performing with tact and diplomacy in personal interactions; this individual confers with the Office of General Counsel and other partners, as well as client contacts and third-party vendors.
  • Tech savvy with a capacity for deep understanding of data-related operational practices and technologies across the organization.
  • Demonstrated ability lead high visibility, high impact change management initiatives.
  • Strong commitment to collaborative work in a matrixed environment is key.
  • Advanced knowledge of risk management principles and practices.
  • Proficiency in Microsoft applications, (e.g., Word, Excel, PowerPoint, Teams, Visio).

How to Apply

Thank you for your interest in Kirkland & Ellis LLP.  To complete an application and submit your resume, please click "Apply Now."

For applicants who are based in New York City, visit the following link for pay range information:

Equal Employment Opportunity

All employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee’s race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.

Closing Statement

The job postings and recruiting mailbox are for candidates only. If you are a recruiter, search firm or employment agency, and do not have a signed contract with Kirkland & Ellis LLP ("K&E") and have not been asked specifically to submit candidates, you will not be compensated in any way for your referral of a candidate even if K&E hires the candidate. Direct contact with K&E employees in an attempt to present candidates is inappropriate and will be a factor in determining any future professional relationship with the Firm. #LI-Hybrid #LI-DR1