Coca-Cola Company
Senior Legal Counsel, Data Privacy & Cybersecurity (EMEA Region) at Coca-Cola Company. Please make sure you read the job requirements before applying for this position.
The Coca-Cola Company (NYSE: KO) is the world’s largest beverage company, refreshing consumers with more than 500 sparkling and still brands.
At The Coca-Cola Company you can cultivate your career in a challenging and dynamic environment. We are the largest manufacturer and distributor of nonalcoholic drinks in the world-selling more than 1 billion drinks a day. Unlock your full potential with a future-focused company that is known and respected throughout the world.
We are recruiting to fill the position of:
Job Title: Senior Legal Counsel, Data Privacy & Cybersecurity ( EMEA Region)
Requisition ID: R-65601
Location: Lagos, Nigeria
Employment Type: Full Time
Travel: 00% – 25%
Position Overview
- You will be part of a global privacy and cybersecurity legal team in a dynamic global business.
- The position is located in Africa, Turkey or Dubai, and you will work with a privacy team located across Europe and the U.S. led by our Global Chief Privacy Officer.
- The role would suit a candidate that has an international outlook and ability to interact with legal and business colleagues around the globe on a variety of privacy and cybersecurity matters.
About the Role
The successful candidate will:
- Work on a wide range of data privacy and cybersecurity matters in connection with the company’s business and its compliance requirements
- Manage the EMEA privacy and legal cyber strategy and provide high quality legal advice to members of the global law department and business teams
- Maintain current knowledge of relevant areas of data privacy and cybersecurity laws; manage and lead multi-stakeholder, incident investigative teams
- Provide proactive advice in a creative and business-centric way.
Job Responsibilities
What you will do:
- Assist with defining a global legal privacy and data strategy that enables the use of data to accelerate growth.
- Provide sound, clear and succinct recommendations and analysis to senior stakeholders and business teams around data use and management that enables innovation to move forward and break new ground.
- Provide oversight & guidance over all EMEA legal matters relating to privacy, with a focus on ensuring the Enterprise receives strategic and solution-oriented privacy solutions in an optimized and networked fashion.
- Support our businesses with legal advice relating to data privacy and other relevant areas of law, including cybersecurity, with a focus on the EMEA region.
- Advise, draft, and negotiate data privacy and security clauses in contracts and prepare data processing agreements, as part of external contract review or internal templates and modifying data privacy template clauses with third parties such as marketing partners, suppliers, and others.
- Advise our businesses on privacy and cybersecurity matters related to new and existing products, projects and business initiatives.
- Develop and implement data privacy policies and terms of use, as well as policies and procedures to mitigate privacy and security risks.
- Manage investigations, law enforcement and data subject rights requests that may arise from time to time.
- Instruct external law firms and external counsel as required.
- Collaborate with our legal teams across the region as well as globally, including, EU, Singapore, and Atlanta, Georgia, USA HQ, to ensure standardization and alignment on data privacy matters.
- Manage privacy compliance strategy by designing, implementing and managing compliance efforts relating to EMEA data privacy and data security laws.
- Conduct gap analysis between EMEA data privacy and data security laws and the GDPR, CCPA. LGPD, and other laws.
- Refine, improve and manage the company’s EMEA privacy program, including privacy policies, internal privacy protocols, compliance plans, a privacy review process, and privacy training.
- Keep current on existing and proposed privacy legislation and communicate implications for the company and lead the region’s strategic response and activities to adapt to privacy legislation in alignment with the Chief Privacy Officer.
- Proactively enable utilization of data in a manner that will allow the Company to maximize value and minimize risk.
- Perform and or oversee initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
- Conduct related ongoing compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
- Work with senior leaders, security and corporate compliance officer to embed governance for the privacy program in the business.
- Foster strong, networked collaboration among Practice Group, business clients and Legal professionals in the EMEA Organizational Units to ensure legal services are provided in the most efficient and effective manner globally.
- Works closely with EMEA Operating Units legal teams and other Practice Circles ensuring they collaborate for seamless delivery of legal support.
- Identify work that should not be done, as well as work which can be addressed through digitization, standardization and simplification.
Education Requirements
- Qualified as an Attorney in EMEA;
- A Degree or relevant experience in the Computer Science, Engineering or Software and/or Digital Forensic fields is an added advantage
- Excellent oral and written communication skills in English.
Experience & Knowledge Requirement:
- 5-8+ years of professional experience as with deep knowledge of privacy and data protection laws in the EMEA region, including but not limited to Bahrain, Egypt, Kenya, So. Africa, Turkey; and experience with a wider range of global data privacy and cybersecurity laws, including EU GDPR, US (e.g. CPRA), Brazil LGPD, Canada PIPEDA
- Requires a strong understanding of existing and emerging legal and regulatory developments in the EMEA region impacting data privacy and cybersecurity, including identifying regulatory trends and evaluating the potential business impact, and the ability to manage incident investigation teams composed of various stakeholders
- Requires a knowledge of relevant European laws and international laws is an advantage
- Prior experience with large, complex and multi-disciplinary projects.
- Expertise in pseudonymization, anonymization and de-identification methodologies;
- Expertise with O2O/digital commerce industry;
- Experience in handling investigations, including communication with authorities and other external parties would be an advantage
- Knowledge of various EMEA antitrust and data transfer tax laws.
Functional Skills:
- Strong analytic capabilities, and written and oral communication skills. Attention to detail is a must.
- Imperative to have excellent communications skills to communicate clearly with senior leadership and senior managers..
- Cybersecurity, Privacy and other investigation handling requires ability to communicate with judges, authorities, opposing counsel and outside counsel.
- Proven ability to work as part of diverse and multi-cultural teams of both legal and business colleagues
- Demonstrated business judgment and ability to prioritize in fast-paced environment
- Commercial-minded, solutions-oriented with a pragmatic and creative approach.
- Exceptional interpersonal skills with proven experience in relationship building and partnering with both legal and business colleagues. Must work well in both team and individual settings.
- Excellent organizational skills, including the ability to handle high volume of work efficiently, recognize priorities, manage time effectively and meet deadlines.
Application Closing Date
6th January, 2024.
Method of Application
Interested and qualified candidates should:
Click here to apply online