Privacy Legal Analyst

The Global Privacy & IT Legal team is seeking a Legal Analyst to track and analyze developments in the data privacy and technology space. Privacy is an exciting and rapidly changing area of law impacting all of Vanguard's business lines, and this role will provide the rare opportunity to engage with partners in all divisions across our global enterprise. Working closely with Global Privacy's Program Team, , the Regulatory Program Office, Compliance, Human Resources and Global Public Policy. , the successful candidate will lead efforts to build awareness of regulatory developments impacting Vanguard's enterprise-wide privacy program and related policies, procedures and standards. This role will also play a key role in supporting Vanguard's adoption of emerging technologies, including Generative AI, and contributing to governance frameworks that address legal compliance, ethical considerations, special projects driven by these regulatory changes will provide the opportunity to foster a trusted advisor relationship with impacted business partners, and to learn about the technology solutions that enable us to deliver best-in-class service to all Vanguard clients. We are seeking candidates with experience or a demonstrated interest in navigating Vanguard's compliance obligations, identifying opportunities to improve efficiency by recognizing common requirements across compliance frameworks, and delivering clear and practical guidance to partners with differing levels of subject matter awareness. In addition, this role will play a key role in organizing meetings, providing first level project management support, and assisting with document formatting to ensure clarity and compliance with internal and external requirements. The role will also involve supporting fact-finding exercises by liaising with business teams to gather information and ensure that the team's guidance aligns with business needs. The ideal candidate will have a strong understanding of privacy-related documentation, such as policies or Data Protection Impact Assessments (DPIAs), and a proactive approach to regulatory developments.,

• Provides support related to global data privacy and protection regulations, including but not limited to GDPR, PECR, e-Privacy Directive, DPA 2018, and the evolving EU AI Act, with a focus on legal compliance, risk management, and cybersecurity.
as well as fraud prevention measures.
• Assist in preparing and organizing meetings, including managing agendas, minutes, and follow-up actions related to privacy, AI, and cyber regulations.
• Leads the review of incident reports to identify, investigate, and dispose of potential privacy incidents.
• Assist in preparing GDPR-related documentation, such as DPIAs, and ensuring alignment with global standards and internal policies. Supports the development of privacy policies, standards, and procedures for the enterprise-wide privacy program.
• Participates in projects to provide expertise on applicable regulatory and reporting requirements specific to global data privacy laws and regulations.
• Support the development and maintenance of privacy, AI, and cyber governance policies, procedures, and standards across Vanguard's enterprise-wide programs.
• Liaise with business teams to gather information for fact-finding exercises, ensuring the support provided by the team is aligned with business needs and compliance requirements.
• Develop and leads delivery of privacy/cyber/AI-related trainings to internal partners across the enterprise to increase internal awareness as well as to ensure adherence to relevant laws and regulations.
• Participates in special projects and performs other duties as assigned.
  
  Minimum of three years related work experience, privacy and regulatory experience in the financial services industry preferred.
• Demonstrated knowledge of GDPR, UK GDPR, PECR, DPA 2018, and basic knowledge of the EU AI Act.
• Undergraduate degree or equivalent combination of training and experience.
• Technology expertise/exp. working with and conversing with IT.
• Prior Data Privacy/Security/Governance/Policy drafting experience.
• CIPP helpful.
• Excellent attention to detail, particularly in document formatting and preparation of legal or regulatory materials.
• Strong analytical and communication skills, with the ability to deliver clear and concise information to a variety of stakeholders.
• Willingness to learn and develop expertise in AI, data privacy, and cybersecurity regulations.
  
  Vanguard's continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: "Do the right thing."
We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard's core purpose through our values. When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose. Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.