Location: New York, NY
Experience: 7+ years
Bar Admission: Must be admitted to the US Bar
Language: English as working language; Mandarin proficiency highly desired
Luckin Coffee International Legal team is seeking an experienced and motivated attorney with 7+ years of data privacy experience. The role will be responsible for handling a variety of privacy and data security matters across business units and jurisdictions, with a primary focus on U.S. data privacy and cyber security matters.This position will report to the Legal Director of International Legal team. This is an excellent opportunity to join Luckin’s expanding international legal team and work in a fast-paced, dynamic environment.
What you get to do in this role
●Lead global data privacy matters, with a primary focus on U.S. market, including structuring and establishing internal compliance mechisam and precedures, handling government inquires, regulatory investigations, litigation etc.
●Provide day-to-day legal support to the development and launch of new products and services, ensuring alignment with privacy-by-design and regulatory compliance principles, and advice on agreement terms related to privacy and consumer disclosures
●Collaborate with engineering, product, growth and marketing teams to design practical, scalable solutions that mitigate risk while enabling growth
●Conduct and advise on compliance and accountability documentation including data protection impact assessments, legitimate interest assessments, and legal assessments relating to international data transfers
●Develop and maintain internal policies, playbooks, and training to promote privacy and data protection awareness across the offices and jurisdictions
●Advise on information security risk management, including data breach analysis and response, third party risk management and external communications
●Draft and review privacy notice, consent, and contract templates, both globally and regionally
●Monitor evolving global privacy laws, regulations, and enforcements assessing and advising on impact to the business
Qualifications
In order to be successful in this role, we need someone who has:
●A law degree from a prestige law school and qualification to practice law in at least one state
●Minimum 7 years of experience at a top-tier law firm and/or in-house, experience working in tech companies preferred
●Strong understanding of privacy, data protection and data security laws in U.S. and globally
●Demonstrated ability to lead / manage data privacy efforts globally / regionally including experience in privacy by design reviews and projects, doing data protection impact assessments (DPIA), drafting template data processing agreements and data transfer agreements, developing internal processes, compliance and auditing frameworks
●Experienced in handling privacy inquiries, complaints and incidents, as well as dealing with regulators in US regarding privacy matters;
●Experience dealing with geo-tension associated privacy matters
●Experience working with and across the full corporate structure in a matrixed corporate environment
●IAPP Certifications, such as CIPP/US or CIPP/E, a plus
●Proven ability and commitment to work both independently and collaboratively with numerous people at all levels throughout the company
●Strong sense of problem-solving, proactive and pragmatic work ethic
●Sound commercial sense and business judgment and capability to manage multiple wide-ranging matters
●Determination to face tough challenges in a fast-paced environment.
●Strategic thinker with integrity and spirit of entrepreneurship
