Marsh Risk

About the Company

We help our clients and colleagues grow — and our communities thrive — by protecting and promoting possibility. We seek better ways to manage risk and define more effective paths to the right outcome. We go beyond risk to rewards for our clients, our company, our colleagues, and the communities in which we serve.

Marsh Risk is a part of Marsh. Together with Mercer, Guy Carpenter, and Oliver Wyman, we help organizations build resilience and competitive advantages from every angle. With annual revenue over $24 billion and more than 90,000 colleagues in 130 countries, Marsh helps build the confidence to thrive through the power of perspective.

Listed Jobs

Company Name

Marsh Risk

Job Title

Privacy Counsel (NQ – 3 years PQE) - UK & EU

Job Description

**Job Title** Privacy Counsel – UK & EU (NQ – 3 years PQE) **Role Summary** Provide strategic privacy and data protection advice to a global enterprise. Lead contract negotiation, incident response, data subject rights management, and privacy risk assessments, while ensuring compliance with UK and EU data protection laws and supporting cross‑functional teams across multiple geographies. **Expectations** - Deliver accurate, timely legal guidance that protects business interests. - Maintain a high level of compliance and risk mitigation in all data‑related activities. - Engage stakeholders effectively within a matrix organization, balancing functional priorities with regulatory requirements. **Key Responsibilities** - Advise business leaders on UK and EU data protection best practices and policy implementation. - Draft, review, and negotiate data‑protected clauses in commercial contracts, including third‑party agreements and international data transfer provisions (SCCs, BCRs). - Manage the full lifecycle of data subject rights requests, ensuring timely and compliant responses. - Serve as Incident Response Leader for data breaches: provide legal counsel, coordinate notifications, and handle communication. - Conduct privacy risk assessments and DPA/ DPIA for new projects and initiatives. - Monitor, interpret, and disseminate evolving legal and regulatory developments to internal stakeholders. - Contribute to internal privacy publications and play a role in the organization’s privacy education initiatives. **Required Skills** - Proven expertise in UK and EU data protection legislation and the broader data‑law environment. - Strong drafting and negotiation skills for commercial contracts focused on privacy. - Experience managing data subject rights requests and handling incident response. - Ability to conduct legal research, produce clear guidance, and present findings to varied audiences. - Excellent written and verbal communication; strong planning and organizational abilities. - Capability to work under pressure in a fast‑paced, matrix‑structured setting. **Required Education & Certifications** - Qualified Solicitor or Barrister with at least 3 years post‑qualification experience (PQE) in a corporate or law‑firm setting focused on privacy and data protection. - Bachelor’s degree in Law, or equivalent, with relevant professional qualifications (e.g., CIPP, CIPP/E). - Knowledge of international data transfer frameworks and contractual clauses. - Preferred: Business proficiency in a European language (French, Spanish, German) and familiarity with AI/privacy‑enhancing technologies.

Belfast, United kingdom

Hybrid

Junior

11-03-2026