Assistant General Counsel, Privacy & Data Protection

Assistant General Counsel, Privacy & Data Protection
Grade 12

The Business: In April 2025, S&P Global announced its intent to separate S&P Global Mobility ("Mobility") from S&P Global to drive long-term value creation. The planned separation is expected to result in Mobility becoming a standalone public company.

• For more information, visit www.spglobal.com/mobility.

Mobility is a leading provider of solutions serving the full automotive value chain, including vehicle manufacturers (OEMs), automotive suppliers, mobility service providers, retailers, consumers, and finance and insurance companies. Mobility enables customers to anticipate change, optimize their businesses, reach the right consumers, and shape the future of mobility.  Leveraging technology and data science, Mobility provides unique insights, forecasts, and advisory services spanning every major market and the entire automotive value chain—from product planning to marketing, sales, and the aftermarket. With a legacy dating back to the 1920s when R. L. Polk published the first vehicle registration reports, and trusted, market-leading brands such as CARFAX, automotiveMastermind, Polk Automotive Solutions and Market Scan, unique data sets and demonstrated resilience through business cycles, Mobility is well positioned to meet customer demand in a fast-moving, global environment.

A separation will allow Mobility more flexibility to pursue near- and long-term growth opportunities, including in used car offerings and expanding both geographically and into adjacent markets. In fiscal year 2024, the Mobility segment generated $1.6 billion in revenue, a year-over-year increase of approximately 8%.

Join a best-in-class global legal and compliance team committed to delivering timely, practical and actionable advice to advance our business and safeguard our reputation, people, and assets.  This position reports directly to the Associate General Counsel, Head of Privacy, Data and AI who reports to the Chief Compliance, Privacy and Risk Officer.   

Location: Open (Virginia preferred)

Responsibilities and Impact: The Assistant General Counsel, Privacy & Data Protection is responsible for supporting a business of approximately $1.8 billion in revenue and ~3,500 employees world-wide, providing legal, strategic and risk management advice on a wide variety of global privacy, AI and data protection matters. This leader will provide guidance, subject matter expertise and support across the organization on cyber and data incident response and commercial and vendor contracting. The ideal candidate brings deep knowledge of global privacy and data laws, strong business judgment, and the ability to translate legal and regulatory requirements into practical, scalable solutions that enable innovation while managing risk.

What's in it for you: 

• Work in a dynamic, fast-paced, client-facing environment

• Partner closely with colleagues across the business, including security, compliance, procurement, product, and commercial teams, advising on contracting, initiatives, new products and features, incident response and enterprise-wide privacy and data strategy.

• Design and translate legal and regulatory requirements into practical, scalable solutions that enable innovation while managing risk.

• Serve as a business-oriented, senior legal advisor and core member of the team, counseling on issues of significant importance to the company.

Responsibilities:

Privacy, Data & AI Advice

• Act as a subject matter expert on privacy and data protection, providing practical, timely, and strategic legal advice across the business.

• Proactively monitor and assess emerging privacy, cybersecurity, and AI regulations (horizon scanning), advising on their potential business impact and readiness planning.

• Influence the strategic implementation of privacy and data protection requirements across products, services, and internal operations.

• Identify problems and support solutions-based practices by using existing precedents or procedures, including creating legal gap analysis of new data protection laws and regulations. 

Data Protection & Incident Response

• Support and drive incident response efforts, including on breach notification, investigations, eDiscovery and regulatory exposure.

• Provide guidance to the IT and InfoSec team on data protection matters.

Negotiation of Data Protection Addendums & Similar Contractual Terms

• Maintain and draft contract template language related to data privacy, data protection, and information governance across the enterprise, including vendor, commercial, and M&A contracts. 

• Provide privacy guidance and support to commercial, corporate and procurement attorneys on the negotiation of commercial and vendor DPAs.

• Work with various stakeholders across the company to ensure controls, such as vendor due diligence controls, are compliant with applicable law. 

Global Privacy Program & Compliance Partnership

• Lead or support global privacy program initiatives, including the development, implementation, and improvement of policies, procedures, standards, templates, and playbooks.

• Draft, review, and maintain internal privacy policies and procedures, as well as external privacy notices, consent language, and disclosures, collaborating and advising the Compliance team where applicable.

Regulatory & External Engagement

Training & Enablement

• Support the Compliance team on delivering effective privacy training and communications for legal and non-legal audiences across regions, functions, and levels.

• Promote a strong culture of privacy awareness and accountability throughout the organization.

What We’re Looking For:

Basic Required Qualifications:

• 5+ years of relevant experience (i.e., with a primary focus on privacy and data protection) gained at law firm and in-house (at a publicly traded company).

• Active bar membership in good standing in at least one U.S. jurisdiction (or equivalent foreign qualification), with ability to practice in the role’s location as required.

• Deep expertise in global privacy and data protection laws and frameworks, including GDPR/UK GDPR, U.S. state privacy laws (e.g., CCPA/CPRA), and other international regimes.

• Proven capability to manage high-volume, complex environments with sound judgment and adaptability. 

• Fosters inclusivity and manages emotions to achieve optimal business outcomes. Able to effectively pivot direction and collaborate across teams to meet strategic initiatives.

• Exceptional business judgment and legal issue identification skills, coupled with strong problem-solving abilities. Adept at articulating business needs and defining actionable strategies. Actively seeks input from diverse sources to ensure engagement and influence stakeholder buy-in at all levels.

• Excellent communication and interpersonal skills, with a demonstrated a passion for the business. Provides clear, concise advice, and creative solutions where necessary, on established timelines to meet business needs that appropriately manage risk.

• Operates autonomously while also being a collaborative team player who brings a positive, “can do” attitude to the workplace. Works effectively with other members of the legal and compliance team, internal clients, and cross-functional organizations to influence and develop strategic initiatives.

Additional Preferred Qualifications:

• Privacy or AI certifications a plus.

• Experience supporting data-intensive environments, data/technology-driven products, digital platforms, or AI-enabled services.

• Experience with change management.

• Experience leading or supporting transformation initiatives or high-growth environments

Compensation/Benefits Information (US Applicants Only): Final base salary for this role will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses, and certifications. In addition to base compensation, this role is eligible for an annual incentive plan.  This role is eligible to receive additional S&P Global benefits. For more information on the benefits that we provide to our employees, please click here.

About S&P Global Mobility

At S&P Global Mobility, we provide invaluable insights derived from unmatched automotive data, enabling our customers to anticipate change and make decisions with conviction. Our expertise helps them to optimize their businesses, reach the right consumers, and shape the future of mobility. We open the door to automotive innovation, revealing the buying patterns of today and helping customers plan for the emerging technologies of tomorrow.

For more information, visit www.spglobal.com/mobility.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

It is the policy of Mobility to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Mobility will provide reasonable accommodations for qualified individuals with disabilities.