Assistant General Counsel - Regulatory, Privacy and Information Security
Overview:
About American Credit Acceptance
A national leader in the auto finance industry, American Credit Acceptance (ACA) partners with car dealerships across the country to empower the emerging credit consumer to purchase reliable, affordable transportation. We are a fast-paced, entrepreneurial company that has delivered profitable growth while maintaining a strong culture of compliance and risk management since our inception in 2007.
About the Team
Our Legal Department provides guidance and support to the organization on a broad range of issues, including federal and state consumer protection laws, litigation, employment law, and transactional matters. The Assistant General Counsel (Regulatory, Privacy and Information Security) is responsible for providing expert legal counsel and strategic guidance on matters related to business development, privacy and data protection laws, as well as other federal and state laws and regulations related to auto financing industry.This role provides transactional support, as well as develops, and implements privacy policies, and collaborates with cross-functional teams to safeguard the organization's data assets.
Your Role
Reporting directly to the General Counsel, you will:
- Draft and negotiate complex commercial agreements with dealers, technology companies, service providers, and strategic relationships, to support the existing and emerging auto finance business.
- Advise cross functional departments in a clear, pragmatic, and approachable manner on a wide array of issues related to finance, data sharing, RFP’s, governance, conflict resolution, IP, contract interpretations and business and legal risks.
- Oversee and monitor compliance with consumer financial laws, privacy and information security laws and regulations; interpret and apply laws to the organization's operations and initiatives.
- Provide guidance to internal business partners on consumer financial, including, but not limited to, privacy, data protection, and information security matters with significant impact on business initiatives, strategy, and performance; collaborate and manage outside counsel as needed.
- Develop, review, and update internal privacy and information security policies, ensuring policies align with legal requirements and industry best practices.
- Conduct regular audits and assessments to identify and mitigate risks. Lead the legal response to data breaches and security incidents.
- Coordinate with information technology and information security teams to manage notifications and regulatory reporting.
- Ensure third-party contracts comply with privacy, information security and data protection standards.
- Keep abreast of relevant changes in laws and regulations that may impact the company, proactively identifying potential legal risks, advising on mitigation plans, and providing oversight.
- Develop deep subject matter expertise in the auto industry and laws applicable to auto finance.
- Interface with regulatory bodies as needed.
- In-depth knowledge of global privacy and information security laws and regulations, including GDPR, CCPA, NY DFS Cybersecurity, GLBA, FFIEC CAT, CSBS R-SAT, ISO, SOC, NIST, CISA, OneTrust, and emerging privacy and information security frameworks and technology solutions.
- Strong analytical, communication, and negotiation skills with the ability to manage complex legal issues and provide clear, actionable advice.
- Ability to anticipate legal issues and develop preventive strategies.
- Demonstrated leadership capabilities, with the ability to influence and drive initiatives across the organization.
- Experience leading a team of direct reports along with a coaching mentality to identify team strengths and to drive business results.
- High level of professionalism. Able to communicate with all levels of staff.
- Able to simultaneously manage workload, multiple clients’ demands, and shifting priorities within a fast-paced, unpredictable, and rapidly evolving environment.
- Juris Doctor from an accredited law school.
- Admitted to practice law in South Carolina or another U.S. jurisdiction.
- 10+ years of experience in regulatory, privacy, data protection and information security law in a law firm or in-house corporate environment.
- 3-5 years of leadership experience.
- Experience in managing litigation and/ or regulatory matters and close interactions with outside counsel preferred
- Financial services experience a plus
Full-time position
100% Onsite in Spartanburg, SC.
Must be open to relocate / able and willing to commute to office 5 days/week.
EEO Statment
ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
California Privacy Notice
"As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws.By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice."
Please note this job description is not designed to cover or contain a comprehensive listing of all activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
You are not officially considered an applicant unless you have completed an employment application in ACA’s online applicant tracking system, iCIMS.
#LI-JJ1