Overview:

Founded in 1898 and headquartered in Chicago, IL, GATX Corporation (NYSE:GATX) strives to be recognized as the finest railcar leasing company worldwide. Our competitive advantage is our full-service leasing business model, including a world-class railcar maintenance network. The key to our long-term growth and success is attracting and retaining top talent.

GATX is seeking a driven, experienced, results-oriented professional who is passionate about data privacy law and able to assist on a wide array of information technology and commercial transactions. The Senior Counsel - Privacy & Transactions will be responsible for acting as the day-to-day legal advisor for all of GATX's data privacy and IT matters, while also drafting and negotiating a wide range of IT and commercial agreements. The position will involve direct interaction with personnel at all levels of the organization and a high degree of responsibility and autonomy.

Responsibilities:

• Counseling and supporting business lines on all issues relating to privacy (US state and federal familiarity, as well as EU (GDPR), China (PIPL) and Canadian federal and provincial regulations), cyber security/risk, data breach response, IP infringement and other IT related matters;
• Responding to privacy-related regulatory inquiries and investigations in coordination with cross-functional partners;
• Developing, implementing and maintaining privacy notices, consents and disclosures to ensure compliance with applicable privacy and cybersecurity laws;
• Designing and scaling a privacy program, including documentation, employee training, policy drafting, policy enforcement, monitoring and auditing, and incident response;
• Working with cross-functional partners to scope and perform periodic data privacy risk assessments, mitigation and remediation;
• Negotiating complex agreements for IT-related products and services;
• Counseling and advising commercial and business teams on privacy and data protection-related provisions of complex commercial contracts, including due diligence for M&A activities;
• Review, draft and negotiate commercial agreements, including procurement agreements, services agreements and other industry-specific agreements; and
• Assist and support the Law Department in a very fast-paced but collegial corporate legal environment.

Qualifications:

Required Education, Experience and Skills:

• J.D. from top law school and admitted to and in good standing with IL bar.
• Minimum of 5 years of hands-on data privacy and IT experience in a law firm or corporate law department; prior in-house experience preferred.
• Experience negotiating a wide variety of complex IT and commercial contracts.
• Outstanding technical legal skills (e.g., drafting, negotiation and advice) equal to that of an accomplished transactional mid-level to senior associate, with a high degree of initiative.
• Deep knowledge of data privacy law.
• Privacy certifications, such as CIPP/E and CIPP/US, a plus, but not required.
• Outstanding leadership skills, including ability to assert legal views and influence.
• Comfortable working with a wide range of internal clients, including executives and directors.
• Ability to handle multiple projects simultaneously and to prioritize them under multiple deadlines.