Legal Counsel, Data Privacy Manager and Information Security Officer

Position Summary

The Legal Counsel, Data Privacy Manager and Information Security Officer will be an integral part of the North American Legal, Compliance and Information Security team. The role involves previewing, negotiating and drafting commercial contracts, while also handling data privacy and information security responsibilities. The officer will provide day‑to‑day advice and guidance to help each business unit meet its objectives by developing a deep understanding of applicable laws and regulations.

Additionally, the officer will implement and support the Data Privacy Management System and the Information Security Management System.

• Draft, review and negotiate a broad range of commercial agreements, including NDA's, OEM terms, Master Services Agreements, subcontractor agreements, full and final releases, licensing agreements, and more.
• Provide support in defending the organization in lawsuits/legal claims and prosecute lawsuits on behalf of the organization.
• Conduct research and provide interpretations, opinions and recommendations on business operations, legislation and regulations that may affect the organization.
• Enforce adherence to legal guidelines and in‑house policies to maintain the company’s legality and business ethics.
• Support legal entities in the United States and Mexico in complying with applicable laws and Rheinmetall’s international requirements related to compliance, especially anti‑corruption.
• Assess local data protection requirements; advise all levels of management and employees on data privacy matters; evaluate data privacy risk.
• Maintain and further develop the Data Privacy Management System in close alignment with relevant business units.
• Manage data breaches and act as the first responder to supervisory data protection authorities.
• Provide data protection‑related advice and support to business departments when introducing or changing processes or IT solutions.
• Develop and enforce the organization’s information security policies, standards and procedures.
• Conduct risk assessments to identify and mitigate information security vulnerabilities.
• Oversee the implementation of security technologies, including firewalls, intrusion detection systems and encryption tools.
• Lead the response to information security incidents, including investigations and post‑incident reviews.
• Serve as the primary contact with the corresponding legal entity for Rheinmetall’s data privacy organization and as the primary data protection counterpart for the management and employees within that entity.
• Act as the Data Privacy Regional Manager and Information Security Officer.
• Perform any other duties that may be assigned.

Education and/or experience:
The candidate must be a graduate of an accredited law school with three (3) to six (6) years of related experience and be admitted to the state bar. The candidate should also possess the following:

• In‑depth knowledge of global data protection regulations and frameworks (e.g., GDPR, CCPA).
• Strong understanding of information security principles, practices and technologies.
• Excellent analytical and problem‑solving skills.
• Certifications such as CIPP/E, CIPM, CISSP, CISM or equivalent are highly desirable.
• Strong communication and interpersonal skills to interact with all levels of the organization.
• Ability to manage multiple projects and priorities simultaneously.
• High level of integrity and strong commitment to maintaining confidentiality.