Assistant General Counsel, Privacy & Data Protection

Grade 12

In April 2025, S&P Global announced its intent to separate S&P Global Mobility ("Mobility") from S&P Global to drive long‑term value creation. The planned separation is expected to result in Mobility becoming a standalone public company.

Mobility is a leading provider of solutions serving the full automotive value chain, including vehicle manufacturers (OEMs), suppliers, mobility service providers, retailers, consumers and finance and insurance companies. Leveraging technology and data science, Mobility provides unique insights, forecasts and advisory services spanning every major market and the entire automotive value chain—from product planning to marketing, sales and the aftermarket.

Open (Virginia preferred)

The Assistant General Counsel, Privacy & Data Protection supports a business of approximately $1.8 billion in revenue and ~3,500 employees world‑wide, providing legal, strategic and risk‑management advice on a wide variety of global privacy, AI and data protection matters. The role offers guidance, subject‑matter expertise and support across the organization on cyber and data incident response and commercial and vendor contracting.

• Work in a dynamic, fast‑paced, client‑facing environment
• Partner closely with colleagues across the business, including security, compliance, procurement, product and commercial teams, advising on contracting, initiatives, new products and features, incident response and enterprise‑wide privacy and data strategy.
• Design and translate legal and regulatory requirements into practical, scalable solutions that enable innovation while managing risk.
• Serve as a business‑oriented, senior legal advisor and core member of the team, counseling on issues of significant importance.

• Act as a subject‑matter expert on privacy and data protection, providing practical, timely and strategic legal advice across the business.
• Proactively monitor and assess emerging privacy, cybersecurity and AI regulations, advising on their potential business impact and readiness planning.
• Influence the strategic implementation of privacy and data protection requirements across products, services and internal operations.
• Identify problems and support solutions‑based practices by using existing precedents or procedures, including creating legal gap analysis of new data protection laws and regulations.

• Support and drive incident response efforts, including breach notification, investigations, eDiscovery and regulatory exposure.
• Provide guidance to the IT and Info Sec team on data protection matters.

• Maintain and draft contract template language related to data privacy, data protection and information governance across the enterprise, including vendor, commercial and M&A contracts.
• Provide privacy guidance and support to commercial, corporate and procurement attorneys on the negotiation of commercial and vendor DPAs.
• Work with stakeholders across the company to ensure controls, such as vendor due diligence controls, are compliant with applicable law.

• Lead or support global privacy program initiatives, including the development, implementation and improvement of policies, procedures, standards, templates and playbooks.
• Draft, review and maintain internal privacy policies and procedures, as well as external privacy notices, consent language and disclosures, collaborating and advising the Compliance team where applicable.

Provide liaison with regulators and external stakeholders, ensuring compliance with privacy and data protection requirements.

• Support the Compliance team in delivering effective privacy training and communications for legal and non‑legal audiences across regions, functions and levels.
• Promote a strong culture of privacy awareness and accountability throughout the organization.

• 5+ years of relevant experience, primarily focused on privacy and data protection, gained at a law firm…