Nokia’s Legal and Compliance organization (L&C) has approximately 300 lawyers, contract managers, compliance specialists and other professionals worldwide. We provide best in class legal advice and support and achieve Nokia’s business objectives in a manner that complies with applicable legal and ethical standards and company policies.

Legal practice areas include supporting commercially Nokia’s four business groups (Mobile Networks, Network Infrastructure, Cloud and Network Services, and Nokia Technologies),Ethics & Compliance, Litigation, Corporate Legal, Procurement, Labor & Employment, Intellectual Property, and Mergers and Acquisition.

Qualifications

• Qualified and practicing legal counsel with expertise in Middle East and Africa.
• 5+ years of experience in a similar role, ideally in the technology sector.
• Proven track record of providing expert legal advice on privacy, data, and cybersecurity laws.
• Strong understanding of the GDPR and other key privacy frameworks in the regions which will be supported.
• Experience with privacy by design principles and their implementation in product development.
• Experience with the OneTrust privacy platform and relevant privacy certifications (CIPP/E, CIPT) are highly desirable.
• Excellent written and spoken communication skills in English, with the ability to communicate complex legal issues clearly and concisely. Arabic would be beneficial.
• Strong interpersonal skills, with the ability to build relationships and work collaboratively in a diverse team environment.

Responsibilities

Privacy, Data and Cyber Regulatory Counsel - MEA

This role reports to the Global Head of Privacy, Cyber and Regulatory Office and is part of a team of legal counsel providing expert legal advice to the Nokia Group on all aspects of privacy, data, and cybersecurity regulation, ensuring compliance with evolving global regulations and contributing to Nokia's overall business strategy.

How You Will Contribute and What You Will Learn

In this role, you will:

• Support Regulatory Compliance: Provide expert legal advice on global privacy, data, and cybersecurity laws, ensuring compliance with evolving regulations. Proactively track regulatory updates and industry trends, assess their impact on the organization, inform stakeholders of necessary changes, and evaluate policy and procedure adjustments.
• Champion Privacy by Design: Collaborate with product teams to integrate privacy principles into product development lifecycles, fostering a culture of data protection from the design stage. This includes reviewing product specifications, conducting privacy impact assessments, and providing training on data protection best practices.
• Advise on Cybersecurity Law: Advise on global cybersecurity laws and regulations, including data breach notification requirements and incident response planning.
• Support Incident Response: Provide legal guidance during data breach incidents, coordinating with relevant teams to minimize impact and ensure compliance with notification obligations.
• Draft and Review Contracts: Draft appropriate contract templates to address privacy, data, and cyber regulatory requirements. Review complex privacy-related contracts, including data processing agreements, vendor contracts, privacy/security due diligence questionnaires, privacy technical requirements, and other commercial agreements.
• Conduct M&A Due Diligence: Conduct privacy, cyber, and data due diligence for mergers and acquisitions.
• Ensure Policy Compliance: Review policies, procedures, and guidelines to ensure ongoing compliance with evolving regulatory requirements.
• Build Strong Stakeholder Relationships: Build strong relationships with key stakeholders across the organization, including business units, IT, and security teams, to effectively address privacy and data protection issues.
• Review High-Risk Issues: Review high-risk Privacy, Data and Cyber compliance issues, such as high-risk DPIAs, DSARs or Privacy Risk Incidents, including communications.