A multinational food and food brands company is seeking to engage a Privacy & Compliance attorney to assist the company on an interim basis (20 hours per week for an initial 6 month term).
Scope of Work
Title: Senior Privacy and Compliance Counsel (contract)
Experience: 8+ Years
Location: Remote (Singapore)
Hours: 20 Hours / Week
Technology: OneTrust Privacy Management
Duration: 6 Months (From 5/4/2026 until 11/28/2026)
Pay Rate: $130 - $160 / hr
Job description:
We seek a pragmatic, senior privacy counsel who can combine deep regulatory and security expertise with strong stakeholder management skills across APAC. If you are experienced, flexible, and ready to lead cross‑border privacy and cyber compliance matters, we welcome your application for this part-time contract role (approximately 20 hours per week) for 6 months.
This is a remote engagement with a primary focus on supporting privacy and compliance work across the Asia region, with particular emphasis on security and cyber matters. Asia expertise is mandatory; candidates should be based in or able to cover Singapore or Hong Kong time zones.
Strong preference for senior‑level counsel (Senior Counsel / AGC‑level) with hands‑on privacy, regulatory and compliance experience rather than a pure technology‑transaction focus.
Experience advising or operating within a large global law firm and a US‑based multinational corporation is highly desirable. Familiarity with OneTrust is a plus.
Responsibilities
- Provide pragmatic, senior‑level legal advice on privacy, data protection, security and cyber‑incident matters across multiple APAC jurisdictions, with primary coverage of Singapore (and Hong Kong where required).
- Lead and support cross‑border privacy compliance projects, including data mapping, data transfer mechanisms (SCCs, BCRs, local adequacy/derogations), and cross‑jurisdictional risk assessments.
- Advise on regulatory requirements and engagement strategies for APAC privacy regulators (e.g., PDPC, HK PCPD) and coordinate with US/EU counsel and global stakeholders as needed.
- Develop, review and implement privacy and security policies, playbooks and incident response procedures; respond to and coordinate breach/cyber incident investigations and regulator notifications.
- Conduct Data Protection Impact Assessments (DPIAs), security risk assessments and vendor/provider due diligence; advise on contractual terms, security SLAs and standard contractual clauses for vendors and customers.
- Support privacy‑by‑design initiatives with product, engineering and security teams; advise on lawful bases for processing, retention, anonymisation/pseudonymisation and consumer rights management.
- Manage privacy compliance tooling and processes; OneTrust experience or similar privacy management platform administration/support is a plus.
- Provide training, create templates and run awareness sessions for business stakeholders on privacy, security and compliance obligations.
- Coordinate compliance audits, respond to regulator inquiries, and manage remediation plans with internal stakeholders (legal, security, IT, HR, product, sales).
- Work independently and collaboratively across multiple jurisdictions and time zones; escalate and manage complex issues to senior management and external counsel when necessary.
Qualifications
- Qualified lawyer admitted to practice in a common law jurisdiction; admission to a Singapore bar is desirable but not mandatory if candidate can demonstrate equivalent APAC experience.
- Senior‑level experience (Senior Counsel, Associate General Counsel or equivalent) with 8+ years of hands‑on privacy, regulatory, security or compliance practice; experience in both large global law firms and in‑house at a multinational (US HQ preferred) is highly advantageous.
- Substantive experience handling APAC privacy regimes (PDPA, Hong Kong privacy law, and familiarity with regional regulatory trends) and cross‑border data transfer issues; working knowledge of GDPR and US privacy laws (e.g., CCPA/CPRA) a plus.
- Demonstrated experience with cyber incident response and advising on security controls, breach notifications and remediation measures.
- Strong drafting and negotiation skills for privacy provisions, security annexes, data processing agreements, vendor contracts and internal policies.
- Pragmatic, business‑oriented approach with the ability to manage competing priorities, diverse stakeholders and multiple jurisdictions under tight timelines.
- Excellent communication skills — able to translate complex legal and technical issues for non‑legal audiences, senior executives and regulators.
- Familiarity with privacy management platforms (OneTrust preferred) and with data inventory/mapping tools is a plus.
- Ability to work independently on a part‑time, remote contract basis while coordinating effectively with US and APAC teams; availability to cover Singapore/Hong Kong business hours is required.
