About Restaurant Brands International: Restaurant Brands International Inc. is one of the world\'s largest quick service restaurant companies with more than $35 billion in annual system-wide sales and over 28,000 restaurants in more than 100 countries. RBI owns four of the world\'s most prominent and iconic quick service restaurant brands \xe2\x80\x93 TIM HORTONS\xc2\xae, BURGER KING\xc2\xae, POPEYES\xc2\xae and FIREHOUSE SUBS\xc2\xae. These independently operated brands have been serving their respective guests, franchisees and communities for decades. Through its Restaurant Brands for Good framework, RBI working towards its goal of improving sustainable outcomes related to its food, the planet, and people and communities. Regional Privacy Lead / Legal Director \xe2\x80\x93 EMEA & APAC Our opportunity for you: RBI is one of the world\'s largest quick service restaurant companies with over 27,000 restaurants in more than 120 countries. RBI owns three of the world\'s most prominent and iconic quick service restaurant brands \xe2\x80\x93 Tim Hortons\xc2\xae, Burger King\xc2\xae, Firehouse Subs\xc2\xae, and Popeyes\xc2\xae. RBI\'s Global Privacy Program continues to mature in response to enhanced regulatory and enforcement risks, increased expectations around data ethics from society and key stakeholders, and innovative and evolving business models. We\'re quickly growing the team and need a Regional Privacy Lead / Legal Director \xe2\x80\x93 EMEA & APAC in our Zug, Switzerland office. This role will be reporting to the Global VP, Privacy Officer at RBI. It will be responsible for leading RBI\'s Global Privacy Program in EMEA & APAC, and for driving RBI\'s handling of legal and compliance issues related to privacy, security, and data protection matters in these regions. The candidate who fills this role will be an instrumental legal advisor and business partner to the cross-functional teams at RBI. The candidate will also have deep experience in collaborating with data protection supervisory authorities and have established relationships with one or more of these authorities in the regions. Join us and help build the next generation of digital experiences for some of the world\'s most-loved brands! Primary responsibilities - What you\'ll do:

• Lead the development and implementation in the regions of RBI\'s Global Privacy & Data Protection Program
• Design, propose and implement privacy processes, protocols, and controls that are the foundation of a modern and proactive privacy function
• Be the go-to person for all privacy matters and steer external counsel/DPO as needed

• Develop and implement policies, protocols, and controls for the Program

• Oversee the legal and regulatory compliance for privacy, security, and data matters

• Serve as the primary expert and resource on these matters for the teams on the ground. Provide legal advice and day-to-day support to legal colleagues and business stakeholders on privacy, security, and data related matters.
• Document, prioritize, and communicate clear privacy requirements for product initiatives and releases
• Educate and advise the business team on new data, privacy, and ethical uses, and provide strategies to address privacy and data governance considerations

• Evaluate the impact of privacy laws, regulatory guidance, and enforcement actions
• Lead responses to regulatory inquiries and investigations, incident/breach response, and intensified data subject requests
• Draft, negotiate, structure, and advise on a variety of complex, multifaceted agreements involving partnerships, technology transactions, and data protection-related legal issues
• Ensure our commercial relationships comply with applicable law and our internal privacy, security, and compliance policies
• Provide strategic legal and business advice to facilitate and develop long-term relationships with clients and partners

What you\'ll bring: Experience

• D. from an accredited law school + active and in good standing Bar license
• 10+ years of post-Bar admission experience, preferably a combination of law firm and in-house experience (experience advising tech and/or hospitality companies is preferred)
• At least 8+ years of relevant privacy, data protection, and compliance experience
  • Sophisticated, in-depth knowledge of global data privacy laws, in the EU and APAC
  • Experience implementing privacy management programs
  • Broad understanding of changing priorities, trends, legislative and regulatory requirements and/or other internal and external emerging issues and their potential impacts on goals, priorities and activities within a privacy program and across the organization
  • Experience with incidents and data breaches
  • Experience with regulatory investigations
• Strong background in technology transactions, commercial law, privacy, data protection
• Skilled negotiator with deep transactional expertise
• Experience working closely with clients and successfully managing client relationships
• Demonstrated ability to issue spot and "connect the dots" across business units on data privacy, security, and compliance matters, and escalate accordingly

Skills

• Excellent English language skills that include the ability to draft complex legal briefs.
• Comfortable working with a legal and business mindset simultaneously
• Outstanding analytical and negotiation skills, with strong attention to detail
• Sound business and legal judgement
• Able to make smart decisions and balance risk, often in ambiguous situations and with imperfect information
• Willing and eager to dive into new areas of law and unfamiliar issues
• Solid project management skills
• Able to manage own schedule, work efficiently, prioritize workflow, meet demanding deadlines, and manage multi-faceted projects in a fast-paced environment
• Ability to understand key business issues while managing the day-to-day execution of key privacy program activities and supporting projects
• Able to operate autonomously while contributing successfully to cross-functional teams
• Excellent communication skills, with an ability to gain support and reach consensus from multiple stakeholders
• Strong sense of ownership

Nice-to-haves

• Fluency in other European / APAC languages
• Privacy or cybersecurity credentials (CIPP/E, CIPP/US, ISACA\xe2\x80\xa6)
• Business and work experience outside the legal context, including internationally

Restaurant Brands International and all of its affiliated companies (collectively, RBI) are equal opportunity and affirmative action employers that do not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or veteran status, or any other characteristic protected by local, state, provincial or federal laws, rules, or regulations. RBI\'s policy applies to all terms and conditions of employment. Accommodation is available for applicants with disabilities upon request.