Counsel Privacy And Data Protection

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title And Summary

Counsel Privacy and Data Protection

Job Description Summary

Counsel - Privacy and Data Protection Services

The Global Business Solutions Center’s (GBSC) mission is to be the partner of choice with stakeholders across Mastercard, enabling business operations efficiency, productivity, and growth. With over 1,100 professionals delivering more than 200 solutions across 10 locations, the GBSC is a powerhouse of innovation and strategic partnerships that combines operational excellence with a vision of what’s next.

The Counsel- Privacy and Data Protection Services will be part of a team of privacy legal specialists within the broader GBSC Legal Services organization. The position plays a critical role in enabling compliant, customer focused, and efficient business outcomes while supporting Mastercard’s data driven products and services.

This role supports Mastercard’s integrated, global approach to privacy and data protection laws, risk standards and will play a critical role in enabling compliant, customer focused, and efficient business outcomes while supporting Mastercard’s data driven products and services.

This is a client-facing role and will require regular interaction with product managers, product engineers, business and sales teams, customer delivery personnel, regional leadership, and other internal stakeholders. The ideal candidate should be comfortable communicating with internal and external clients and establishing strong business rapport.

The position will be based in Mastercard’s office in Pune, Maharashtra.

Are You Someone Who

• Strives for excellence in everything you do?
• Is deeply committed to customer service and stakeholder partnership?
• Enjoys solving complex legal and business problems?
• Is passionate about identifying and implementing process improvements?
  
  
  

If so, this role may be an excellent fit, and you can continue reading.

Role & Responsibilities

In This Role, You Will

• Develop and apply a strong understanding of global privacy and data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), translating legal requirements into practical business and data solutions.
• Structure, draft, review and negotiate data privacy terms in client related agreements (including reseller agreement, partner agreement, pilot agreements, statements of work, proof of concept agreements) relating to the deployment and use of cybersecurity and threat intelligence products.
• Review, negotiate, and advise on data protection and data provider terms in services agreements and standalone data protection agreements with vendors, and other third parties to enable business operations and continuity.
• Support transition process from product privacy counsel ensuring product requirement, risk mitigation and data privacy regulatory consideration are properly implemented as advised by product privacy counsel.
• Ensure all data protection agreements are prepared, revised, and executed in close collaboration with business, product privacy counsel and in accordance with approved Mastercard policies, standards, and negotiation playbooks.
• Identify and escalate privacy risks, deviations, or non standard positions in line with established escalation paths.
• Document negotiation outcomes, rationale, and approvals to support audit and governance requirements.
• Deliver exceptional customer service in line with GBSC standards, including quality, responsiveness, resolution timelines, and adherence to defined Service Level Objectives (SLOs).
• Contribute to continuous improvement initiatives by identifying opportunities to enhance efficiency, consistency, and scalability in privacy legal support.
  
  
  

All About You

Education & Certifications

• Must possess a 3 year LL.B. (after completing a bachelor’s degree), or 5 year integrated LL.B. from a recognized University in India be admitted to practice in the hiring location.
• CIPP/E, CIPP/US, or other IAPP certifications are strongly preferred.
  
  
  

Experience & Knowledge

• Prior experience in global privacy and data protection law is a must have.
• Familiarity with U.S., European, Middle East, Africa, and/or Asia Pacific privacy laws is highly desirable.
• Knowledge of the financial services, payment processing industry or technology, product development, cybersecurity, identity, or fraud-related domains is an advantage.
• Experience of minimum 9-10 years in contract review and negotiation, project management, and managing complex stakeholder interactions.
  
  
  

Skills & Competencies

Strong interest and demonstrated capability in privacy and data protection law, with the ability to quickly develop expertise in global regulatory frameworks.

Experience and ability to independently review and negotiate complex commercial contracts with data protection implications with sound judgment on when to escalate issues versus exercising independent discretion

Ability to balance legal risk management with business enablement, delivering practical and solution-oriented advice.

Able to manage competing priorities in a fast-paced environment with short turnaround times and shifting market needs.

Strong communication skills, with comfort engaging cross functionally and explaining complex privacy concepts in a clear manner.

A mindset focused on continuous improvement, operational excellence, and stakeholder partnership.

Experience working across multiple jurisdictions and time zones.

Positive, flexible team player committed to Mastercard’s values of decency, inclusion, and innovation and willing to take on responsibilities that support the privacy team, region, and Company.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

---