facebook linkedin

Senior Counsel, Data Privacy, APAC (Associate Director)

Mainland China

Ref#: 20016918

Date published: 31-Jul-2020

Share with: Facebook LinkedIn Twitter Send to a friend

At CBRE, you are empowered to take your career in your own hands. Our people enjoy workplace flexibility in a global organisation with tremendous scale providing world-class commercial real estate services and outsourcing.

We currently have an exciting opportunity for an experienced Legal Counsel to join our team. Based in Shanghai, this individual will assist CBRE’s Asia and Pacific (“APAC”) Data Privacy Director improve, sustain and facilitate a robust, interdisciplinary global program to address and mitigate data privacy risk and execute the CBRE Group’s global data privacy and protection strategy in APAC with a focus on China. 

  • Assist in building, improving and maturing CBRE’s data privacy and protection program in APAC with a focus on China’s Cybersecurity Law. 
  • Act as the point of contact for local regulatory authorities on issues relating to personal information, including providing required assistance to local regulatory authorities, and reporting and leading response to incidents. 
  • Oversee CBRE China's data protection management and ensuring CBRE’s regulatory compliance with personal information and broader data protection obligations. 
  • Advise internal clients on compliance with legal requirements and CBRE’s privacy policies, notices, standards and procedures. 
  • Liaise with and supporting the Information Security leads as regards personal information and data aspects of CBRE’s cybersecurity compliance programme, including MLPS and incident management. 
  • Draft, publish, update and implement data privacy and protection policies, cybersecurity policies, other relevant regulations and solutions to ensure compliance and security in collection, transfer, storage, process, exchange, and destruction of data. 
  • Conduct security and privacy impact assessments, including in relation to overseas data transfers, appointment of data processors and launch of new products, services and technology. Support on due diligence of new vendors. 
  • Conduct compliance audits. 
  • Provide second-line support and advice to CBRE Legal on local data privacy matters including how to review data privacy clauses and data processing agreements 

The ideal candidate must be fluent in Mandarin and English and has the qualification to practice law in China. You will have the ability to communicate and influence at all levels within the organisation with excellent presentation skills

To be successful in this role you will ideally have:
  • Minimum five (5) years’ data privacy experience preferred
  • Expertise in Chinese Cybersecurity Laws, including the Personal Information Security Specifications and Guidelines for Data Cross-Border Transfer Security Assessment
  • Recognised industry certifications preferred (e.g. CIPP/A, CIPM, CIPT, PMP)
  • Familiarity with IT/data security systems
  • Ability to solve advanced problems and deal with a variety of options in complex situations

If working with the best in an exciting and rewarding team environment appeals to you then we want to hear from you. Please attach your CV to your application.