The MITRE Corporation Associate General Counsel and Chief Privacy Official in Bedford, Massachusetts
Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.
The Associate General Counsel and Chief Privacy Official will shape and drive the company’s overall privacy and data protection posture. This role will increase MITRE’s expertise in privacy and security, by inaugurating and growing the Center for Data Privacy and Protection, organizing our current privacy and data protection efforts into a world class program, and reducing MITRE’s overall enterprise risk. The Associate General Counsel and Chief Privacy Official will collaborate across the organization to ensure the successful development and maintenance of privacy policies and procedures, motivate program compliance across the corporation, investigate and track privacy-related incidents, and will monitor and respond to the evolving privacy landscape. This position is a key leader and legal adviser within the company and will serve as the central resource for managing MITRE’s data privacy and protection efforts, including GDPR compliance and alignment to state, federal, and international frameworks, regulations, and laws.
Essential Job Functions:
Help the organization manage data use while maintaining compliance with privacy and data security laws, regulations, and contractual agreements
Manage the organization’s overall data privacy program, develop an approach to ensure transparent awareness for internal leaders and executives about MITRE’s risk posture related to privacy and security
Collaborate with stakeholders across all business sectors (national security, civilian, corporate) in the review of projects and related data to ensure data protection and privacy compliance and oversight of periodic information privacy risk assessment/analysis, mitigation and remediation efforts
Design and execute a plan to help pursue and attain GDPR compliance
Design and execute a plan to attain data and privacy compliance in areas where the organization plans to do work
Provide expertise o n privacy and data security topics, including: a.) the evolving landscape of applicable federal and state privacy laws, and accepted and best practices, b.) the use of Personally Identifiable Information (PII) and Protected Health Information (PHI), c.) managing the related risks of 3rd party outsourcing, and d.) technology topics related to employee privacy and ethics in the workplace
Help instill and maintain a cultural focus on continuous improvement regarding privacy and data protection, including: a.) oversight of ongoing privacy training for the workforce, b.) refining and communicating policies and guidance on the privacy implications of MITRE activities, programs, and initiatives, c.) managing privacy-related inquiries in the organization, and d.) administering a process for investigating privacy complaints
Collaborate with the information technology and infosec organization to ensure privacy-related technology and controls are defined and addressed, and to implement an ongoing process to track, investigate and report inappropriate access and/or disclosure of personal information
Monitor, track, and report on overall privacy and data protection program progress; streamline and improve processes as needed
Prepare and negotiate commercial, partnership and teaming agreements on a range of corporate topics
Identify, track, mitigate, and resolve risk issues
Exercise independent judgment and discretion in solving complex legal- and business-related issues.
MITRE’s Good Growth Strategy, Vision and Mission: Effectively executes the strategy, vision, and mission
Strategic Outcomes: Establishes the formulation and management of the sponsor strategy or corporate/functional strategy
Define the Right Work: Develops and provides oversight of the work or corporate program
Develop Our People: Acquires, develops, coaches, leads, and enables an inclusive and diverse workforce
Strategic Relationships: Develops close working relationships with sponsors and stakeholders, becoming a trusted advisor in the sponsor organization and/or across the MITRE enterprise on major initiatives, policies, challenges, and priorities
The MITRE Brand: Ensures product or program quality and is aligned to MITRE Brand
Good Steward of Resources: Effectively manages the operations of a division (revenue, costs, people, etc.)
Doing the right work aligned with sponsor or enterprise strategic priorities and outcomes
Senior sponsor relationships or senior internal relationships across MITRE
High technical quality of products or programs
People have clear expectations and goals that contribute to important sponsor or enterprise strategic outcomes as well as project level outcomes
Development of future MITRE leaders
Key Cultural/Behavior Attributes:
Grace and respect
Key Leadership Effectiveness Attributes:
Key Organizational Criteria:
Leads a division or a mission-centric function that has significant impact for sponsors, partners, and/or MITRE enterprise
Division or a mission-centric function provides multiple services or highly complex products/solutions
Has multiple direct reports, including multiple department managers or leads a mission-centric function
Education, Experience, Knowledge, and Skills Requirements:
Juris Doctor degree required and licensed to practice law in at least one jurisdiction
Bachelor’s or Master’s degree in related field (or equivalent in combined education and experience), and/or privacy certifications preferred
Practicing attorney with 15+ years of related experience, including significant experience with data security and privacy
Significant experience drafting and negotiating commercial transactions and other legal agreements
Strong knowledge of GDPR, CCPA, Privacy Act, FOIA and the e-Government Act and other major privacy frameworks, security laws, rules, and regulations worldwide, plus awareness of the related policy landscape
Experience with incorporating state and federal information privacy laws, including HIPAA, into corporate programs
Experience with privacy-related technologies and emerging technologies which may impact privacy
Strong risk management orientation, ability to effectively steer the organization toward compliance while driving mission and business impact
Strong organization, planning, and prioritization skills
Demonstrated skills in collaboration, teamwork, communication, and problem-solving to achieve goals
Knowledge of or experience with FFRDCs, research nonprofits, or government contractors preferred
Experience in InfoSec/cybersecurity and corporate privacy programs preferred
Management experience preferred
This requisition requires the following clearance(s):
MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of race, religion, color, national origin, gender, gender expression, sexual identity, disability, age, veteran status, and other protected status.
MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please contact MITRE’s Recruiting Help Line at 703-983-8226 or email at email@example.com.
Copyright © 1997-2021, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
At MITRE, we solve problems for a safer world. Through our federally funded R&D centers and public-private partnerships, we work across government to tackle challenges to the safety, stability, and well-being of our nation. As a not-for-profit organization, MITRE works in the public interest across federal, state and local governments, as well as industry and academia. We bring innovative ideas into existence in areas as varied as artificial intelligence, intuitive data science, quantum information science, health informatics, space security, policy and economic expertise, trustworthy autonomy, cyber threat sharing, and cyber resilience.
The MITRE Corporation
- The MITRE Corporation Jobs