Senior Privacy & Product Counsel

About Milliman:

Independent for over 70 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world’s most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation. 

Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance, and financial services, and property and casualty insurance. 

Job Summary

You will be a member of the Global Data Privacy Team, which is part of Milliman’s Legal and Compliance General Corporate Services, led by the Chief Compliance Officer. You will focus on international data privacy and product counseling. You will collaborate with Data Privacy Counsels in charge of regional privacy matters.

Primary Duties & Responsibilities

• Develop internal guidelines for product data privacy compliance, including privacy-by-design checklists and best practices.
• Lead privacy reviews for new and existing products and product features, focusing on data collection, storage, processing, and sharing.
• Serve as the primary compliance advisor for privacy matters in product development.
• Review AI-driven data processing within the product for ethical and compliance implications.
• Partner with product, engineering, and security teams to embed privacy-by-design principles into the development of products.
• Conduct data protection impact assessments (DPIAs) for new products or new product features, where required.
• Advise on product data flows, third-party integrations, cross-border data transfer compliance, and data sovereignty requirements.
• Develop privacy compliance frameworks for products, including privacy notices, consent forms, retention policies, and user rights management, in collaboration with data privacy counsels where appropriate.
• Guide the implementation of privacy-enhancing technologies (PETs) such as encryption, pseudonymization, and differential privacy.
• Monitor regulatory updates and their impact on products, ensuring continuous compliance.
• Conduct training sessions for product managers and developers on privacy best practices.
• Proactively identify privacy risks in processes and propose mitigations.
• Monitor the implementation of data privacy recommendations, including collaboration with internal data privacy and contract counsels for associated product contract management.
• Maintain a database of products with documentation about Privacy-by-Design processes.
• Advise on cookie-less tracking, federated learning, and other privacy strategies.
• Train product managers and engineers on privacy-by-design principles.

 Education

• Strong IT security knowledge, with an IT Degree, or relevant IT Certification (such as CISSP)
• Good knowledge of HITRUST, ISO 27001, and equivalent standards.
• Ideally, a law Degree or Bar Exam.
• Deep knowledge of international data privacy laws, including GPPR, HIPAA, and CCPA.
• CIPP/E, CIPP/US or CIPT certification.

Required Knowledge and/or Experience

• 7+ years of experience in privacy compliance and product counseling
• Strong analytical skills
• Global mindset with experience working in international environments
• Ability to deal with various laws and standards across several countries
• Ability to simplify complex issues for technical and non-technical stakeholders
• Ability to process, progress and complete matters independently, seeking guidance when needed.
• High level of organization and planning skills, with the ability to create plans and diligence to follow through and monitor plans through execution and completion.
• Collaborative workstyle
• Strong written and oral communication skills
• Adaptability to embrace a dynamic and fast-paced environment
• Good interpersonal skills
• Ideally: good contract drafting and negotiating experience, with experience in drafting data privacy clauses.
• This role will be located in India, with Gurugram being the preferred location.

You will be supervised by the Global Data Privacy Director and be part of a supportive Legal & Compliance team led by the Chief Compliance Officer.

This role is an opportunity for a Data Privacy Advisor/Counsel to develop, with evolution perspective to evolve as the International Product Privacy Lead.