Gallagher
Join to apply for the
Corporate Privacy Counsel
role at
Gallagher .
Base Pay Range $135,500.00/yr - $264,000.00/yr
Introduction Indulge your passion for problem‑solving and embrace the thrill of addressing risk head‑on at Gallagher's global brokerage team. Join a family of diverse minds, united by a relentless pursuit of excellence. As part of our team, you'll be the architect of protection, safeguarding businesses and empowering their ambitions. Together, we'll build a legacy of trust and triumph in the dynamic world of risk management. We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.
Overview As Corporate Privacy Counsel, you will play a crucial role in ensuring the protection and privacy of data within Gallagher Global Brokerage (GGB), focusing primarily on the U.S. business segment. You will develop and implement data protection strategies, policies, standards, procedures, and training materials to achieve efficiencies in our privacy practices and ensure compliance with relevant privacy laws and regulations across GGB, with a particular focus on the U.S. You will also occasionally support other business units under the GGB umbrella (Caribbean, Canada, etc.). You will collaborate with the Global Privacy Office (GPO), local privacy, security, IT, AI, Legal and compliance teams, senior business stakeholders, and third parties to deliver Gallagher's data privacy strategy within the established risk appetite, adhering to company and regulatory requirements while meeting the needs of customers, regulators, colleagues, and stakeholders.
How You'll Make an Impact
Collaborate with the GPO, GGB Division Privacy and IT Leads, GGB-US General Counsel, and local GGB business leaders to develop and execute a comprehensive data protection strategy for GGB that aligns with business objectives and regulatory requirements.
Create and maintain data protection policies, standards, guidelines, and playbooks that reflect best practices and ensure compliance with applicable laws and regulations.
Identify and assess privacy risks (including conducting privacy risk assessments and data transfer impact assessments) across jurisdictions and provide guidance to business units on risk mitigation strategies.
Provide expert advice and guidance to GGB, the GPO, and other stakeholders on privacy‑related matters, including data sharing, international transfers of personal data, consent management, data subject rights, data incidents, vendor risk management, due diligence, responses to client privacy queries, data minimization, privacy complaints, and the legal requirements to appoint a Data Protection Officer.
Develop and deliver privacy training programs (including HIPAA) to raise awareness and ensure understanding of data protection obligations among employees.
Conduct privacy impact assessments and data transfer impact assessments for new projects, systems, and processes.
Lead and coordinate the containment and response to data privacy incidents, including investigations, corrective actions, and reporting to relevant authorities.
Assess privacy risks in the supply chain and collaborate with security, IT, the GPO, legal, and procurement.
Review and negotiate privacy‑related contractual terms with vendors, clients, and markets.
Monitor compliance with data protection, HIPAA, and AI laws, regulations, and internal policies, and implement controls.
Advise on records retention, de‑identification, and destruction guidelines.
Engage stakeholders across the organization to align and cooperate in data privacy initiatives.
Stay up‑to‑date with emerging trends, technologies, and regulatory developments in privacy, AI, and cybersecurity.
About You Minimum Requirements
3+ years practicing attorney in the privacy space.
Juris Doctor (J.D.) from an accredited U.S. law school.
Experience in data protection and privacy management.
Experience practicing as an attorney in a law firm.
Preferred Skills and Qualifications
Experience conducting privacy gap analyses and implementing remediation plans.
Certifications such as CIPP/US, CIPM, HCISPP, CISSP, or similar.
Previous insurance industry experience.
Deep understanding of HIPAA, CCPA, GDPR, and GLBA.
Strong understanding of privacy risk management principles and practices.
Knowledge of IT security or experience with IT development and security teams.
Excellent communication, analytical, stakeholder management, and collaboration skills.
Problem‑solving, outcome‑focused, multitasking abilities.
Experience working closely with Legal, Compliance, Information Security, HR, Data, Digital, Privacy, Marketing, and Operations.
Practical privacy operations experience, including incident handling and risk assessments.
Willingness to travel as required.
Compensation and Benefits We offer a competitive and comprehensive compensation package. The base salary range represents the anticipated low end and high end of the range for this position. The actual compensation will be influenced by factors such as experience, education, market/geography, scope, and specialized skill set. On top of a competitive salary, we also offer a wide range of benefits.
Medical/dental/vision plans, starting from day one.
Life and accident insurance.
401(k) and Roth options.
Tax‑advantaged accounts (HSA, FSA).
Educational expense reimbursement.
Paid parental leave.
Digital mental health services (Talkspace).
Flexible work hours (availability varies by office and job function).
Training programs.
Gallagher Thrive program – elevating your health through workshops and digital fitness programs.
Charitable matching gift program.
And more…
We Value Inclusion and Diversity Click here to review our U.S. Eligibility Requirements. Inclusion and diversity (I&D) is a core part of our business. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination. Equal employment opportunity will be extended in all aspects of the employer‑employee relationship, including recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination.
#J-18808-Ljbffr
Corporate Privacy Counsel
role at
Gallagher .
Base Pay Range $135,500.00/yr - $264,000.00/yr
Introduction Indulge your passion for problem‑solving and embrace the thrill of addressing risk head‑on at Gallagher's global brokerage team. Join a family of diverse minds, united by a relentless pursuit of excellence. As part of our team, you'll be the architect of protection, safeguarding businesses and empowering their ambitions. Together, we'll build a legacy of trust and triumph in the dynamic world of risk management. We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.
Overview As Corporate Privacy Counsel, you will play a crucial role in ensuring the protection and privacy of data within Gallagher Global Brokerage (GGB), focusing primarily on the U.S. business segment. You will develop and implement data protection strategies, policies, standards, procedures, and training materials to achieve efficiencies in our privacy practices and ensure compliance with relevant privacy laws and regulations across GGB, with a particular focus on the U.S. You will also occasionally support other business units under the GGB umbrella (Caribbean, Canada, etc.). You will collaborate with the Global Privacy Office (GPO), local privacy, security, IT, AI, Legal and compliance teams, senior business stakeholders, and third parties to deliver Gallagher's data privacy strategy within the established risk appetite, adhering to company and regulatory requirements while meeting the needs of customers, regulators, colleagues, and stakeholders.
How You'll Make an Impact
Collaborate with the GPO, GGB Division Privacy and IT Leads, GGB-US General Counsel, and local GGB business leaders to develop and execute a comprehensive data protection strategy for GGB that aligns with business objectives and regulatory requirements.
Create and maintain data protection policies, standards, guidelines, and playbooks that reflect best practices and ensure compliance with applicable laws and regulations.
Identify and assess privacy risks (including conducting privacy risk assessments and data transfer impact assessments) across jurisdictions and provide guidance to business units on risk mitigation strategies.
Provide expert advice and guidance to GGB, the GPO, and other stakeholders on privacy‑related matters, including data sharing, international transfers of personal data, consent management, data subject rights, data incidents, vendor risk management, due diligence, responses to client privacy queries, data minimization, privacy complaints, and the legal requirements to appoint a Data Protection Officer.
Develop and deliver privacy training programs (including HIPAA) to raise awareness and ensure understanding of data protection obligations among employees.
Conduct privacy impact assessments and data transfer impact assessments for new projects, systems, and processes.
Lead and coordinate the containment and response to data privacy incidents, including investigations, corrective actions, and reporting to relevant authorities.
Assess privacy risks in the supply chain and collaborate with security, IT, the GPO, legal, and procurement.
Review and negotiate privacy‑related contractual terms with vendors, clients, and markets.
Monitor compliance with data protection, HIPAA, and AI laws, regulations, and internal policies, and implement controls.
Advise on records retention, de‑identification, and destruction guidelines.
Engage stakeholders across the organization to align and cooperate in data privacy initiatives.
Stay up‑to‑date with emerging trends, technologies, and regulatory developments in privacy, AI, and cybersecurity.
About You Minimum Requirements
3+ years practicing attorney in the privacy space.
Juris Doctor (J.D.) from an accredited U.S. law school.
Experience in data protection and privacy management.
Experience practicing as an attorney in a law firm.
Preferred Skills and Qualifications
Experience conducting privacy gap analyses and implementing remediation plans.
Certifications such as CIPP/US, CIPM, HCISPP, CISSP, or similar.
Previous insurance industry experience.
Deep understanding of HIPAA, CCPA, GDPR, and GLBA.
Strong understanding of privacy risk management principles and practices.
Knowledge of IT security or experience with IT development and security teams.
Excellent communication, analytical, stakeholder management, and collaboration skills.
Problem‑solving, outcome‑focused, multitasking abilities.
Experience working closely with Legal, Compliance, Information Security, HR, Data, Digital, Privacy, Marketing, and Operations.
Practical privacy operations experience, including incident handling and risk assessments.
Willingness to travel as required.
Compensation and Benefits We offer a competitive and comprehensive compensation package. The base salary range represents the anticipated low end and high end of the range for this position. The actual compensation will be influenced by factors such as experience, education, market/geography, scope, and specialized skill set. On top of a competitive salary, we also offer a wide range of benefits.
Medical/dental/vision plans, starting from day one.
Life and accident insurance.
401(k) and Roth options.
Tax‑advantaged accounts (HSA, FSA).
Educational expense reimbursement.
Paid parental leave.
Digital mental health services (Talkspace).
Flexible work hours (availability varies by office and job function).
Training programs.
Gallagher Thrive program – elevating your health through workshops and digital fitness programs.
Charitable matching gift program.
And more…
We Value Inclusion and Diversity Click here to review our U.S. Eligibility Requirements. Inclusion and diversity (I&D) is a core part of our business. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination. Equal employment opportunity will be extended in all aspects of the employer‑employee relationship, including recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination.
#J-18808-Ljbffr