Massachusetts Green Jobs

MassHire JobQuest Logo

Job Information

The MITRE Corporation Associate General Counsel and Chief Privacy Official in Bedford, Massachusetts

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

The Associate General Counsel and Chief Privacy Official will shape and drive the company’s overall privacy and data protection posture. This role will increase MITRE’s expertise in privacy and security, by inaugurating and growing the Center for Data Privacy and Protection, organizing our current privacy and data protection efforts into a world class program, and reducing MITRE’s overall enterprise risk. The Associate General Counsel and Chief Privacy Official will collaborate across the organization to ensure the successful development and maintenance of privacy policies and procedures, motivate program compliance across the corporation, investigate and track privacy-related incidents, and will monitor and respond to the evolving privacy landscape. This position is a key leader and legal adviser within the company and will serve as the central resource for managing MITRE’s data privacy and protection efforts, including GDPR compliance and alignment to state, federal, and international frameworks, regulations, and laws.

Essential Job Functions:

  • Help the organization manage data use while maintaining compliance with privacy and data security laws, regulations, and contractual agreements

  • Manage the organization’s overall data privacy program, develop an approach to ensure transparent awareness for internal leaders and executives about MITRE’s risk posture related to privacy and security

  • Collaborate with stakeholders across all business sectors (national security, civilian, corporate) in the review of projects and related data to ensure data protection and privacy compliance and oversight of periodic information privacy risk assessment/analysis, mitigation and remediation efforts

  • Design and execute a plan to help pursue and attain GDPR compliance

  • Design and execute a plan to attain data and privacy compliance in areas where the organization plans to do work

  • Provide expertise o n privacy and data security topics, including: a.) the evolving landscape of applicable federal and state privacy laws, and accepted and best practices, b.) the use of Personally Identifiable Information (PII) and Protected Health Information (PHI), c.) managing the related risks of 3rd party outsourcing, and d.) technology topics related to employee privacy and ethics in the workplace

  • Help instill and maintain a cultural focus on continuous improvement regarding privacy and data protection, including: a.) oversight of ongoing privacy training for the workforce, b.) refining and communicating policies and guidance on the privacy implications of MITRE activities, programs, and initiatives, c.) managing privacy-related inquiries in the organization, and d.) administering a process for investigating privacy complaints

  • Collaborate with the information technology and infosec organization to ensure privacy-related technology and controls are defined and addressed, and to implement an ongoing process to track, investigate and report inappropriate access and/or disclosure of personal information

  • Monitor, track, and report on overall privacy and data protection program progress; streamline and improve processes as needed

  • Prepare and negotiate commercial, partnership and teaming agreements on a range of corporate topics

  • Identify, track, mitigate, and resolve risk issues

  • Exercise independent judgment and discretion in solving complex legal- and business-related issues.

Key Responsibilities:

  • MITRE’s Good Growth Strategy, Vision and Mission: Effectively executes the strategy, vision, and mission

  • Strategic Outcomes: Establishes the formulation and management of the sponsor strategy or corporate/functional strategy

  • Define the Right Work: Develops and provides oversight of the work or corporate program

  • Develop Our People: Acquires, develops, coaches, leads, and enables an inclusive and diverse workforce

  • Strategic Relationships: Develops close working relationships with sponsors and stakeholders, becoming a trusted advisor in the sponsor organization and/or across the MITRE enterprise on major initiatives, policies, challenges, and priorities

  • The MITRE Brand: Ensures product or program quality and is aligned to MITRE Brand

  • Good Steward of Resources: Effectively manages the operations of a division (revenue, costs, people, etc.)

Key Accountabilities:

  • Doing the right work aligned with sponsor or enterprise strategic priorities and outcomes

  • Senior sponsor relationships or senior internal relationships across MITRE

  • High technical quality of products or programs

  • People have clear expectations and goals that contribute to important sponsor or enterprise strategic outcomes as well as project level outcomes

  • Development of future MITRE leaders

Key Cultural/Behavior Attributes:

  • Speed

  • Risk-taking

  • Adaptability

  • Grace and respect

  • Collaboration

Key Leadership Effectiveness Attributes:

  • Innovative

  • Strategic

  • Persuasive

  • Excitement

  • Communication

  • Delegation

  • Feedback

  • Management focus

Key Organizational Criteria:

  • Leads a division or a mission-centric function that has significant impact for sponsors, partners, and/or MITRE enterprise

  • Division or a mission-centric function provides multiple services or highly complex products/solutions

  • Has multiple direct reports, including multiple department managers or leads a mission-centric function

Education, Experience, Knowledge, and Skills Requirements:

  • Juris Doctor degree required and licensed to practice law in at least one jurisdiction

  • Bachelor’s or Master’s degree in related field (or equivalent in combined education and experience), and/or privacy certifications preferred

  • Practicing attorney with 15+ years of related experience, including significant experience with data security and privacy

  • Significant experience drafting and negotiating commercial transactions and other legal agreements

  • Strong knowledge of GDPR, CCPA, Privacy Act, FOIA and the e-Government Act and other major privacy frameworks, security laws, rules, and regulations worldwide, plus awareness of the related policy landscape

  • Experience with incorporating state and federal information privacy laws, including HIPAA, into corporate programs

  • Experience with privacy-related technologies and emerging technologies which may impact privacy

  • Strong risk management orientation, ability to effectively steer the organization toward compliance while driving mission and business impact

  • Strong organization, planning, and prioritization skills

  • Demonstrated skills in collaboration, teamwork, communication, and problem-solving to achieve goals

  • Knowledge of or experience with FFRDCs, research nonprofits, or government contractors preferred

  • Experience in InfoSec/cybersecurity and corporate privacy programs preferred

  • Management experience preferred

This requisition requires the following clearance(s):

None

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of race, religion, color, national origin, gender, gender expression, sexual identity, disability, age, veteran status, and other protected status.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please contact MITRE’s Recruiting Help Line at 703-983-8226 or email at recruitinghelp@mitre.org.

Copyright © 1997-2021, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

At MITRE, we solve problems for a safer world. Through our federally funded R&D centers and public-private partnerships, we work across government to tackle challenges to the safety, stability, and well-being of our nation. As a not-for-profit organization, MITRE works in the public interest across federal, state and local governments, as well as industry and academia. We bring innovative ideas into existence in areas as varied as artificial intelligence, intuitive data science, quantum information science, health informatics, space security, policy and economic expertise, trustworthy autonomy, cyber threat sharing, and cyber resilience.

DirectEmployers