Job: Legal Counsel, Data Privacy Manager and Information Security Officer

POSITION SUMMARY The Legal Counsel, Data Privacy Manager and Information Security Officer will be an integral part of the North American Legal, Compliance and Information Security team. The Legal Counsel, Data Privacy Manager and Information Security Officer responsibility on the one hand is to preview, negotiate and draft commercial contracts. On the other hand, data privacy and information security is a relevant part of the responsibility. The Legal Counsel, Data Privacy Manager and Information Security Officer will also provide day-to-day advice and guidance to help each business unit meets its objectives by developing a deep understanding of the laws and regulations applicable to data privacy. In addition, the Legal Counsel, Data Privacy Manager and Information Security Officer, will also be responsible for implementation and support of data protection activities (Data Privacy Management System) as part of the business, as well as Information Security activities (Information Security Management System). RESPONSIBILITIES include the following. Other duties may be assigned. •Draft, review and negotiate broad range of commercial agreements with our customers and suppliers, including but not limited to, Non-Disclosure Agreements, OEM terms and conditions, Master Services Agreements, subcontractor agreements, Full and Final Releases, licensing agreements etc. •Provide support in defending the organization in lawsuits/legal claims as well as in the prosecution of lawsuits on behalf of the organization against others. •Conduct, research and provide interpretations, opinions and recommendations on business operations issues and on legislation and regulations that may affect the organization. •Enforce adherence to legal guidelines and in-house policies to maintain the company’s legality and business ethics. •Support legal entities in the United States and Mexico complying with applicable laws and following Rheinmetall’s international requirements related to compliance, especially anti-corruption. •Assess local data protection requirements and activities, e.g. advice all levels of management and employees on data privacy matters and evaluate and advise as to data privacy risk. Maintain and further develop the Data Privacy Management System in close alignment with the Divisional responsible and business. •Data breach management. Attends to general inquiries from supervisory data protection authorities as a first responder. •Provide data protection-related advice and support of business departments. This includes the introduction of new or change of existing processes and/or assets (especially IT solutions). •Develop and enforce the organization’s information security policies, standards, and procedures. •Conduct risk assessments to identify and mitigate information security vulnerabilities. •Oversee the implementation of security technologies, including firewalls, intrusion detection systems, and encryption tools. •Lead the response to information security incidents, including investigations and post-incident reviews. •Primary contact with the corresponding legal entity for Rheinmetall’s data privacy organization. Primary data protection counterpart for the management and employees within the legal entity. •Nominated as the Data Privacy Regional Manager and Information Security Officer. •Perform other duties that may be assigned.

EDUCATION and/or EXPERIENCE The candidate must be a graduate of an accredited law school with three (3) to six (6) years of related experience and be admitted to the state bar. The candidate should also possess the following: •In-depth knowledge of global data protection regulations and frameworks (e.g. GDPR, CCPA). •Strong understanding of information security principles, practices, and technologies. •Excellent analytical and problem-solving skills. •Certifications such as CIPP/E, CIPM, CISSP, CISM, or equivalent are highly desirable. •Strong communication and interpersonal skills to interact with all levels of the organization. •Ability to manage multiple projects and priorities simultaneously. •High level of integrity and strong commitment to maintaining confidentiality.