Global Privacy Counsel (Incident Response EMEA) Dublin, London or Paris

Responsibilities

The Team
Our Global Privacy and Regulatory Affairs team provides key support for all of TikTok's innovative initiatives, state-of-the-art products, and integrated platforms servicing our global video market. We help our technological and business teams enable their vision by providing integrated guidance and compliance support for global privacy and regulatory affairs matters including information security and data privacy.

The Role
The TikTok Information Security & Incident Response Legal team is growing fast and is seeking a highly experienced, bright and capable legal professional to join the team. One of the critical challenges is the need for our team to provide exceptional support for privacy and information security matters involving TikTok and its parent company, ByteDance. The following describes the responsibilities and requirements for the role.

Responsibilities
- The primary focus of this role is to work with the information security team and the EU privacy team on reviewing and responding to potential data privacy incidents to ensure a consistent and effective approach across jurisdictions.
- Development and implementation of incident response and data governance processes and policies.
- Ensure compliance with global and EU privacy and security standards and regulations.
- Work with legal and product teams globally to review products, features, new applications and initiatives to provide legal risk mitigation strategies to ensure legal compliance for products from a privacy and information security perspective.
- Support data governance with respect to data acquisition, including all policies and matters related to the use of data with respect to artificial intelligence.
- Coordinate with legal, information security, data privacy, and other cross-functional colleagues on communication, policy development, and enforcement decisions.

Qualifications

Minimum Qualifications:
- Senior Lawyer qualified to practice in the UK, Ireland and/or at least one EU jurisdiction.
- Proven background in data privacy incident response, including investigations, notification determinations, and assisting with remediation action items.
- Extensive experience at a law firm and/or in-house counseling at an enterprise technology or leading consumer-facing digital application, ideally including user-generated content.
- Experience with EU and UK GDPR and NIS2.
- Experience with working with international teams in various time zones in a cross-functional environment.
- Strong documentation, presentation, and communication skills in a cross-functional and global role.

Preferred Qualifications
- Comfortable with technology and distributed architecture a plus.