Gallagher Logo

Privacy Counsel

Gallagher

Rolling Meadows IL 60008 US

Apply Now

Job Type : Full Time

Date Posted : January 13, 2026

Job Category : Legal Occupations

Industry : Legal

Posted : posted 3 days ago

Introduction

Welcome to Gallagher - a global community of people who bring bold ideas, deep expertise, and a shared commitment to doing what’s right. We help clients navigate complexity with confidence by empowering businesses, communities, and individuals to thrive. At Gallagher, you’ll find more than a job; you’ll find a culture built on trust, driven by collaboration, and sustained by the belief that we’re better together. Whether you join us in a client-facing role or as part of our brokerage division, our benefits and HR consulting division, or our corporate team, you’ll have the opportunity to grow your career, make an impact, and be part of something bigger. Experience a workplace where you’re encouraged to be yourself, supported to succeed, and inspired to keep learning. That’s what it means to live The Gallagher Way.

Overview

As Privacy Counsel, you will play a crucial role in ensuring the protection and privacy of data within Gallagher Global Brokerage (“GGB”), focusing primarily on the US business segment, including privacy support for recently acquired companies.  You will be responsible for developing and implementing data protection strategies, polices, standards, procedures, and training materials to both gain efficiencies in our privacy practices and to ensure compliance with relevant privacy laws and regulations across GGB, with a particular focus on the US.  As the need arises, the Privacy Counsel will also occasionally support other business units under the GGB umbrella to include non-US operations (Caribbean, Canada, etc.).

 

You will collaborate the Global Privacy Office (“GPO”), local privacy, security, IT, AI, Legal and compliance teams, senior business stakeholders and third parties to ensure the delivery of Gallagher's data privacy strategy within the established risk appetite.  This involves adhering to company and regulatory requirements while meeting the needs of customers, regulators, colleagues and stakeholders.

 

You will provide advice and support to the business to identify, articulate and guide them in the implementation and management of their privacy risks in support of their business strategies.

 

You will monitor compliance with data privacy, AI and cybersecurity laws, as well as internal policies and procedures.


How you'll make an impact

  • Data Protection Strategy: Collaborate with the GPO, GGB Division Privacy and IT Leads, the GGB-US General Counsel and local GGB business leaders to develop and execute a comprehensive data protection strategy for GGB that aligns with business objectives and regulatory requirements. Assist the Global Chief Privacy Officer to implement the Global Data Privacy Framework (Tier 1) within GGB and develop and implement any required GGB local Data Privacy Frameworks (Tier 2) to minimize privacy risks and drive risk reduction initiatives.
  • Policy Development: Create and maintain data protection policies, standards, guidelines and playbooks that reflect best practices and ensure compliance with applicable laws and regulations.
  • Risk Management: Identify and assess privacy risks (including conducting privacy risk assessments and data transfer impact assessments) across jurisdictions and provide guidance to business units on risk mitigation strategies. Complete and maintain GGB Privacy Risk Registers, with specific focus on inherent and residual risk.
  • Privacy Advice and Support: Provide expert advice and guidance to GGB, the GPO and other stakeholders on privacy-related matters, including data sharing, international transfers of personal data, consent management, data subject rights, data incidents, vendor risk management, due diligence and integration relating to merger and acquisition activities, responses to client privacy queries, data minimization, privacy complaints, determinations of requirements to have a Data Protection Officer (or equivalent) in an entity, data analytics and artificial intelligence. Handle internal and third-party requests for access to GGB data.
  • Training and Awareness: Develop and deliver privacy training programs to raise awareness and ensure understanding of data protection obligations among employees, including high risk users.
  • Privacy Impact Assessments and Data Transfer Impact Assessments: Conduct assessments for new projects, systems, and processes to identify and address potential privacy risks, and for data transfers where required by law.
  • Incident Response: Lead and coordinate the containment and response to data privacy incidents, including conducting investigations, implementing corrective actions, responding to client, carrier and data subject queries, and reporting to relevant authorities, companies and involved data subjects.
  • Supplier Risk: Assess privacy risks in relation to GGB’s supply chain, working closely with colleagues in security, IT, the GPO, legal and procurement.
  • Contractual Risk: Provide review and negotiation of privacy-related contractual terms with individuals, vendors, clients and insurance markets.
  • Compliance Monitoring: Monitor and report on compliance with data protection, HIPAA and AI laws, regulations, and internal policies, and implement controls to ensure ongoing adherence.
  • Records Retention: Advise business units on privacy requirements and best practices related to records retention and de-identification/destruction and work closely with IT and business units to implement new retention and de-identification/destruction guidelines and capabilities.
  • Stakeholder Engagement: Collaborate and build effective working relationships with internal and external stakeholders, including the GPO, Legal, Security, Insurance, IT, AI, Data, HR, Marketing, Digital and third-party vendors, to ensure alignment and cooperation in data privacy initiatives.
  • Industry Knowledge: Stay up-to-date with emerging trends, technologies, and legal and regulatory developments in the field of data protection, privacy, AI and cybersecurity.

About You

Qualifications

  • 1+ year practicing attorney in the privacy space.
  • Experience in carrying out privacy gap analysis, creation and implementation of remediation plans as well as designing and implementing privacy projects preferable.
  • Privacy qualifications / certificates e.g. CIPP/US, CIPM preferred.
  • Previous insurance experience preferred.

 

Experience and Skills

  • Experience and expertise in data protection and privacy management, preferably in a multinational organization.
  • In-depth knowledge of data protection laws and regulations, such as HIPAA, CCPA, and other regional privacy frameworks.
  • Strong understanding of privacy risk management principles and practices.

#LI-TW2


Compensation and benefits

We offer a competitive and comprehensive compensation package. The base salary range represents the anticipated low end and high end of the range for this position. The actual compensation will be influenced by a wide range of factors including, but not limited to previous experience, education, pay market/geography, complexity or scope, specialized skill set, lines of business/practice area, supply/demand, and scheduled hours. On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits. 

Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve:

  • Medical/dental/vision plans, which start from day one!
  • Life and accident insurance
  • 401(K) and Roth options
  • Tax-advantaged accounts (HSA, FSA)
  • Educational expense reimbursement
  • Paid parental leave

Other benefits include:

  • Digital mental health services (Talkspace)
  • Flexible work hours (availability varies by office and job function)
  • Training programs
  • Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing
  • Charitable matching gift program
  • And more...

**The benefits summary above applies to fulltime positions. If you are not applying for a fulltime position, details about benefits will be provided during the selection process.

 

We value inclusion and diversity

Click Here to review our U.S. Eligibility Requirements

Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Apply Now