Share this Job

Senior Legal Advisor, Office of the General Counsel of KPMG

Date: Oct 6, 2021

Location: London, United Kingdom

Company: KPMG UK


The increasing importance of technology in KPMG’s business has resulted in a need to continually assess how we manage risk across the Global Organization in pursuit of our Collective Strategy, including our ability to operate within our risk profile in the areas of information privacy, confidentiality and information security. This role will play an important part in addressing information protection risks inherent in supplier and global alliance relationships.


- Negotiating, drafting, reviewing, interpreting, amending and updating a range of data protection and security agreements (e.g., Data Protection Agreements (DPAs), Information Security Addendums (ISAs), and contractual terms relating to third-party suppliers of technology solutions and services

- Analyzing a broad range of privacy and data protection laws (e.g., GDPR, the Data Protection Act (UK) 2018, the US CLOUD Act, the California Consumer Privacy Act, the New York Privacy Act, the Hong Kong Personal Data (Privacy) Ordinance, the Singapore Personal Data Protection Act, and other relevant national laws and regulations) to determine how such laws and regulations impact our contracting templates, negotiating guidelines, and risk profiles (and modifying such templates, negotiating guidelines and risk profiles accordingly)

- Providing support to Global Procurement, IOGC, and Global Alliance colleagues in relation to drafting, reviewing, interpreting, and negotiation of complex commercial provisions relating to data privacy and protection laws and regulations

- Maintaining and tracking status of negotiations to keep stakeholders up to date

- Supporting the drafting and negotiation of privacy provisions in our member firm arrangements

- Being a key privacy legal resource for Global Procurement, IOGC, and Global Alliance teams in relation to data protection contractual language

- Training and educating Global Procurement, IOGC, and Global Alliance professionals on various contract related privacy and security requirement maintaining, developing, implementing, and improving processes and procedures to drive consistency, compliance, and efficient contracting.

- Maintaining, developing, implementing, and improving processes and procedures to drive consistency, compliance, and efficient contracting.

Technical Skills

A candidate should have the following technical skills:

• Strong negotiating, reviewing, and drafting skills, focused on data privacy and information security, across a wide variety of commercial supplier and alliance agreements (e.g., DPAs, ISAs).
• Demonstrable technical legal skills in the areas of data privacy and information protection, with a focus on providing legal advice on a range of global privacy laws, regulatory guidance and enforcement actions (as they relate to commercial contracts).
• Must be able to translate complex legal and regulatory contractual issues, within the context of complex technical and business issues, into easily understandable, pragmatic and commercial advice.

Qualifications & Licenses

A candidate must be a qualified lawyer with approximately 4+ years PQE (or equivalent, if not qualified in the UK), although all candidates with demonstrable ability to fulfil the role will be considered.

One or more certifications from the International Association of Privacy Professionals (IAPP) and/or International Information Systems Security Certifications Consortium (or similar equivalent) preferred.

Experience and Background

A candidate should have the following experience and knowledge:

• Minimum 4 years PQE (i) negotiating, drafting, interpreting, and reviewing data privacy and security related documents, and (ii) solid experience modifying templates to address changes to data privacy and information protection laws and regulations and how they impact commercial contracts.
• Solid understanding of the types of data privacy and protection issues and challenges faced by a large global organization, along with an understanding as to how to balance the needs, demands and requirements of a global business with legal risks and protections afforded in contracts.
• Knowledge of the core concepts of information security and the ability to quickly understand how these relate to the data privacy aspects of KPMG’s supplier and alliance templates.
• Experience working as part of a legal team (either at a top tier law firm or at an equivalent position in-house) on complex cross-border commercial privacy and information security matters.
• Ability to advise on, and drive forward the implementation of, template revisions with an international/cross-border dimension.
• Ability to work flexibly and collaboratively as part of a supportive legal team while taking responsibility for their own work.
• Must be self-motivated and able to thrive in a fast-paced, high-volume legal department with many different stakeholders worldwide.
• Understands how to foster a collaborative and inclusive environment amongst other KPMG professionals.
• Ability to build and maintain relationships with business and senior stakeholders.
• Cultural sensitivity required to engage with people at all levels and with diverse backgrounds.
• Experience in instructing and managing external counsel on matters, as appropriate (other than the most significant matters, on which the individual in this role will work alongside a Partner or Director level lawyer within IOGC).
• An affinity for technology and privacy issues related thereto, with a natural interest in cloud-based technology solutions and enthusiasm for technical innovation.
• Awareness of own strengths and areas for development.

Additional Notes

• This role offers a comprehensive compensation and benefits package.
• Some domestic and international travel may be required (once countries open up their borders and it is safer to do so).

Job Segment: General Counsel, Law, Information Systems, Compliance, Procurement, Legal, Technology, Operations