General Counsel, Cyber
Apply NowCompany: Honeywell
Location: Charlotte, NC 28269
Description:
Job Overview:
We are seeking an experienced and highly skilled DataPrivacy, Cybersecurity, and AI Governance Attorney to join our legal team. Thisattorney will play a crucial role in advising the organization on privacy laws,data protection regulations, cybersecurity requirements, and governance issuessurrounding artificial intelligence (AI). The ideal candidate will bewell-versed in data privacy laws (such as GDPR, CCPA), cybersecuritycompliance, and the evolving landscape of AI regulations. This position offersthe opportunity to work in a dynamic and fast-paced environment with aforward-thinking company committed to ensuring its data and AI practices remaincompliant, secure, and responsible.
KEY RESPONSIBILITIES
Data Privacy:
-Develop and maintain Global Privacy Program.
-Advise and guide the company on compliance with data privacy laws, including GDPR, CCPA, CAN-SPAM, PIPL, and other regional and international regulations.
-Monitor and assess business implications of regulatory developments across global data privacy regimes.
-Develop, implement and update privacy policies, procedures, and strategies for data collection, processing, storage, and sharing.
-Oversee continued compliance with data privacy registration requirements.
-Conduct privacy assessments, including Data Protection Impact Assessments (DPIAs), Privacy Risk Assessments, Request For Proposal (RFP) questionnaires and vendor assessments.
-Create a program to address and respond to Data Subject Access Requests.
-Provide counsel on cross-border data transfers and contractual obligations related to data privacy.
-Handle privacy-related incidents and breaches, ensuring the company's response complies with applicable laws and regulations.
-Ensure Digital Marketing efforts are compliant, including providing guidance on email and marketing campaigns and website compliance.
-Support M&A activities - due diligence and integrations.
-Serve as legal advisor to Human Resources and support consultation/co-determination activities with the Works Councils to address privacy concerns.
-Serve as DPO where it may be required, cooperate with and act as a contact point for data protection supervisory authorities on issues relating to data processing and consult with supervisory authorities with regard to any other matter where appropriate.
Cybersecurity:
-Advise on legal issues related to cybersecurity laws and regulations (e.g., CMMC, NIST, SOC 2).
-Collaborate with the IT, risk, and security teams to ensure compliance with industry standards and best practices for protecting sensitive data and systems.
-Support the development of cybersecurity policies, protocols, and training programs.
-Provide legal counsel for investigations and respond to security incidents, ensuring the company's legal obligations and reporting requirements are met.
-Monitor regulatory changes and developments related to cybersecurity and ensure the company remains compliant.
-Support cyber M & A including due diligence and integrations.
AI Governance:
-Counsel on the legal, ethical, and regulatory implications of AI technologies, including data usage, algorithm transparency, accuracy testing, bias prevention, and accountability.
-Help establish a company-wide AI governance framework that ensures responsible AI deployment in alignment with ethical standards and legal requirements.
-Advise on the evolving landscape of AI regulations and contribute to shaping company strategies for responsible AI innovation.
-Work closely with internal teams (e.g., IT, product, R&D, engineering) to ensure AI projects comply with privacy, security, and ethical standards.
-Help establish a program designed at reviewing and approving external AI Marketing Claims.
Cross-functional Collaboration:
-Partner with internal stakeholders, including HR, LER, IT, Engineering, Marketing, Risk Management, Compliance, Audit, and business units, to develop comprehensive risk management strategies.
-Draft templates for data privacy, cybersecurity, and AI-related contract language, including vendor agreements, service contracts, and NDAs; support contract negotiations involving data privacy.
-Stay informed on emerging legal trends, policy discussions, and regulatory changes affecting data privacy, cybersecurity, and AI governance.
Training and Awareness:
-Provide training to internal teams on data privacy, cybersecurity, and AI governance best practices.
-Promote a culture of compliance and responsibility across the organization.
Qualifications:
-Education: J.D. (Juris Doctor) from an accredited law school (or equivalent).
-Licensing: Active bar membership in a U.S. jurisdiction (or equivalent).
Experience:
-At least 5-7 years of experience in data privacy, cybersecurity, and/or AI governance at a law firm and/or multinational corporation
-Strong knowledge of data privacy laws and regulations (GDPR, CCPA, etc.).
-Experience advising on cybersecurity frameworks, data protection standards, and AI ethics and regulations.
-Familiarity with industry standards and frameworks (e.g., NIST, ISO, SOC 2, CMMC, etc.).
-Experience managing or advising on legal aspects of AI technologies and governance.
Skills:
-Exceptional legal research and writing skills.
-Strong communication skills, with the ability to communicate complex legal concepts to non-legal stakeholders.
-Ability to collaborate effectively across various departments and with external legal experts or regulators.
-Proactive, solutions-oriented mindset with a focus on minimizing risks and ensuring compliance.
Preferred Qualifications:
-At least one certification in privacy, cybersecurity, or AI ethics (e.g., CIPP, CISM, CISSP, AIGP etc.).
We are seeking an experienced and highly skilled DataPrivacy, Cybersecurity, and AI Governance Attorney to join our legal team. Thisattorney will play a crucial role in advising the organization on privacy laws,data protection regulations, cybersecurity requirements, and governance issuessurrounding artificial intelligence (AI). The ideal candidate will bewell-versed in data privacy laws (such as GDPR, CCPA), cybersecuritycompliance, and the evolving landscape of AI regulations. This position offersthe opportunity to work in a dynamic and fast-paced environment with aforward-thinking company committed to ensuring its data and AI practices remaincompliant, secure, and responsible.
KEY RESPONSIBILITIES
Data Privacy:
-Develop and maintain Global Privacy Program.
-Advise and guide the company on compliance with data privacy laws, including GDPR, CCPA, CAN-SPAM, PIPL, and other regional and international regulations.
-Monitor and assess business implications of regulatory developments across global data privacy regimes.
-Develop, implement and update privacy policies, procedures, and strategies for data collection, processing, storage, and sharing.
-Oversee continued compliance with data privacy registration requirements.
-Conduct privacy assessments, including Data Protection Impact Assessments (DPIAs), Privacy Risk Assessments, Request For Proposal (RFP) questionnaires and vendor assessments.
-Create a program to address and respond to Data Subject Access Requests.
-Provide counsel on cross-border data transfers and contractual obligations related to data privacy.
-Handle privacy-related incidents and breaches, ensuring the company's response complies with applicable laws and regulations.
-Ensure Digital Marketing efforts are compliant, including providing guidance on email and marketing campaigns and website compliance.
-Support M&A activities - due diligence and integrations.
-Serve as legal advisor to Human Resources and support consultation/co-determination activities with the Works Councils to address privacy concerns.
-Serve as DPO where it may be required, cooperate with and act as a contact point for data protection supervisory authorities on issues relating to data processing and consult with supervisory authorities with regard to any other matter where appropriate.
Cybersecurity:
-Advise on legal issues related to cybersecurity laws and regulations (e.g., CMMC, NIST, SOC 2).
-Collaborate with the IT, risk, and security teams to ensure compliance with industry standards and best practices for protecting sensitive data and systems.
-Support the development of cybersecurity policies, protocols, and training programs.
-Provide legal counsel for investigations and respond to security incidents, ensuring the company's legal obligations and reporting requirements are met.
-Monitor regulatory changes and developments related to cybersecurity and ensure the company remains compliant.
-Support cyber M & A including due diligence and integrations.
AI Governance:
-Counsel on the legal, ethical, and regulatory implications of AI technologies, including data usage, algorithm transparency, accuracy testing, bias prevention, and accountability.
-Help establish a company-wide AI governance framework that ensures responsible AI deployment in alignment with ethical standards and legal requirements.
-Advise on the evolving landscape of AI regulations and contribute to shaping company strategies for responsible AI innovation.
-Work closely with internal teams (e.g., IT, product, R&D, engineering) to ensure AI projects comply with privacy, security, and ethical standards.
-Help establish a program designed at reviewing and approving external AI Marketing Claims.
Cross-functional Collaboration:
-Partner with internal stakeholders, including HR, LER, IT, Engineering, Marketing, Risk Management, Compliance, Audit, and business units, to develop comprehensive risk management strategies.
-Draft templates for data privacy, cybersecurity, and AI-related contract language, including vendor agreements, service contracts, and NDAs; support contract negotiations involving data privacy.
-Stay informed on emerging legal trends, policy discussions, and regulatory changes affecting data privacy, cybersecurity, and AI governance.
Training and Awareness:
-Provide training to internal teams on data privacy, cybersecurity, and AI governance best practices.
-Promote a culture of compliance and responsibility across the organization.
Qualifications:
-Education: J.D. (Juris Doctor) from an accredited law school (or equivalent).
-Licensing: Active bar membership in a U.S. jurisdiction (or equivalent).
Experience:
-At least 5-7 years of experience in data privacy, cybersecurity, and/or AI governance at a law firm and/or multinational corporation
-Strong knowledge of data privacy laws and regulations (GDPR, CCPA, etc.).
-Experience advising on cybersecurity frameworks, data protection standards, and AI ethics and regulations.
-Familiarity with industry standards and frameworks (e.g., NIST, ISO, SOC 2, CMMC, etc.).
-Experience managing or advising on legal aspects of AI technologies and governance.
Skills:
-Exceptional legal research and writing skills.
-Strong communication skills, with the ability to communicate complex legal concepts to non-legal stakeholders.
-Ability to collaborate effectively across various departments and with external legal experts or regulators.
-Proactive, solutions-oriented mindset with a focus on minimizing risks and ensuring compliance.
Preferred Qualifications:
-At least one certification in privacy, cybersecurity, or AI ethics (e.g., CIPP, CISM, CISSP, AIGP etc.).