Description:

Overview:
Do you love spending time outside – paddling, cycling, hiking, or just being in nature? Are you excited about an opportunity to use your legal expertise to enable a life outside for everyone. REI Co-op, a growing, purpose-driven specialty retailer and leader in outdoor recreation, is looking for a Sr. Counsel – Privacy and Cybersecurity.

At REI, we believe time outside is fundamental to a life well lived. We exist to inspire and enable a life outside for everyone. To deliver on that promise, we are working with our 15,000 employees, 20M members and the broader outdoor community toward a reality where everyone has the opportunity to be themselves and find their place in the outdoors. For us, that means:

Investing in work that removes the barriers people and communities face to getting outside
Delivering relevant products, experiences, and expertise to equip and inspire a new generation of outdoor stewards
Cultivating a workforce that reflects the demographics of the markets we serve
Leading the industry's efforts to welcome people and communities historically underrepresented into outdoor media and culture

REI's Legal team is a key partner to achieving our vision. The Sr. Counsel – Privacy and Cybersecurity will provide advice and leadership on legal issues relating to the Co-op's approach to its consumers and members. This person advises on legal issues relating to the organization's strategies and tactics with respect to privacy, personalization, cybersecurity, and technology – all in service to enabling a life outside for everyone. Reporting to the General Counsel, this person will serve as a trusted business partner to leaders across our organization, including counseling executive leadership like REI's Chief Technology Officer and Chief Information Security Officer (CISO).

Responsibilities and Qualifications:
Responsibilities:

Monitor, stay up-to-date, and advise on legal and regulatory requirements related to data privacy, consumer protection, and cybersecurity issues, and support associated compliance efforts, including with respect to U.S. state privacy laws (e.g., CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, ICDPA, BIPA, etc.), GDPR, CAN-SPAM, TCPA, breach notification laws, incident response, AdTech, and new developments
Serves as legal advisor and thought-partner to the technology, ecommerce and cybersecurity teams
Drafts, reviews, and negotiates agreements for digital/technology products and services, including appropriate commercial, cybersecurity, and privacy-related terms (e.g., data processing agreements) and advises on transactions relating to the technology function
Support the operation, maintenance and improvement of our privacy program, including concisely and clearly articulating legal requirements and supporting compliance efforts; reviewing privacy assessments; developing and implementing data privacy documentation, resources, tools, and standard methodologies across the enterprise; drafting and updating policies and notices; supporting enterprise-wide data mapping initiatives; crafting and implementing program forms and templates; evaluating program performance; and collaborating with our cybersecurity team, other cross-divisional partners, and outside counsel
Build and maintain expertise in, and proactively track, existing and emerging data privacy, cybersecurity, technology, and consumer protection laws, industry trends around areas like loyalty and artificial intelligence (AI), and developments; participate in industry groups/forums
Provide legal support for a wide variety of contracts that relate to technology services or impact personal data.
Manage disputes relating to privacy, cybersecurity, and technology.
Develop and conduct compliance trainings relating to privacy and related topics (live and online).
Proactively partner with other legal team members and business partners to identify and discuss legal and compliance related issues.
Provide thought-leadership and set direction on legal issues impacting REI's strategic goals and objectives.

Qualifications:

At least 10 years of experience at a highly respected law firm or in-house corporate environment.
CIPP/US or other privacy certification from the International Association of Privacy Professionals is preferred
Client counseling experience required, and litigation experience preferred.
J.D. required.
Registered and in good standing with at least one State Bar and eligible to practice law in their state of residence.

Essential Leadership Attributes

Demonstrated ability to think strategically while acting pragmatically to handle multiple projects at the same time effectively and efficiently.
High level of character and personal integrity.
Ability to build open, trusting, and honest relationships, effectively influencing a wide range of people.
Willingness to lead projects independently, with initiative and ownership.
Ability to communicate complex information in a clear manner, and drive direction for the organization.
Team player with a positive attitude, self-confidence, enthusiasm, and resilience.
Brings a creative, problem-solving perspective to challenging issues.
Intellectual curiosity and desire to learn and develop new skills.
Contributes to the success of company by leading or assisting with other projects as needed.
Interest in leveraging technology for efficiency in legal operations.
Experience in retail, consumer, or experiential/hospitality business preferred, but not required.