Our client, Arthur J. Gallagher & Co. (Gallagher) is a global FORTUNE 500 company, traded on the New York Stock Exchange under the symbol AJG. Gallagher and its subsidiaries are engaged in providing insurance brokerage, consulting services and third-party claims settlement and administration services to both domestic and international entities.
Gallagher plans, designs, and administers customized and cost-effective property/casualty insurance and risk management programs. Gallagher also furnishes a broad range of risk management services including claims and information management, risk control consulting and appraisals to help corporations and institutions reduce their cost of risk. In addition, Gallagher assists clients in all areas of their employee health/welfare and retirement plans, including plan design, funding and administration.
Since its founding in 1927, Gallagher has grown from a one-man agency to the world’s fourth largest insurance broker based on revenues, as well as the world’s largest third-party property/casualty claims administrator. As of November 2020, Gallagher has nearly 33,000 employees, and a market capitalization of over $20BB. Gallagher has operations in 49 countries and, through a network of correspondent brokers and consultants, offers client service capabilities in more than 150 countries around the world.
Gallagher believes that its major strength is its ability to deliver comprehensively structured insurance and risk management services to its clients. Gallagher’s brokers, agents and administrators act as intermediaries between insurers and their customers and Gallagher does not assume underwriting risks. Gallagher’s growth has been driven by its team’s ability to adapt to changing market conditions, identify and pursue emerging business opportunities, forge strong relationships with clients and insurance markets, and acquire other insurance brokers with similar cultures and complementary products and services. Gallagher considers itself a sales and marketing organization dedicated to providing excellence in risk management services to its clients.
Gallagher has been ranked by the Ethisphere Institute as one of the World’s Most Ethical Companies for 9 consecutive years, and has won numerous awards for its global business practices. In addition, Gallagher has been named to Forbes’ 2020 list of the World’s Best Employers for Women. Gallagher’s unwavering commitment to ethics and compliance is contained in its Global Standards of Business Conduct, which embodies the shared values expressed in the Gallagher Way, the bedrock principles on which the company has operated since its inception.
Located at Gallagher’s corporate headquarters in Rolling Meadows, Illinois, and reporting to the Global Chief Compliance Officer, the Global Chief Privacy Officer (“CPO”) will be responsible for providing strategic leadership on global privacy and cybersecurity issues, and maintaining and continually enhancing a robust global program in these areas.
The CPO will work closely with partners in legal, compliance, IT and the global business units to proactively address data privacy and cybersecurity risks, recommend solutions, and ensure compliance with all applicable privacy and cybersecurity laws and regulations, including, but not limited to, HIPAA, CCPA, and GDPR. Together with the Global Chief Compliance Officer, the CPO also will assist in implementing and monitoring other aspects of the corporate compliance program across the globe.
The CPO will possess the executive presence to exercise influence and effectuate results and will be a proven leader who is comfortable building relationships globally throughout the organization, including the senior management team, CEO and Board of Directors, and global business unit leaders.
Continually develop, enhance and manage Gallagher’s global privacy and cybersecurity program to ensure compliance with all applicable requirements and best practices. Work collaboratively with global leadership to identify and minimize data privacy and cybersecurity risks and drive implementation of initiatives across the company.
Maintain overall responsibility for Gallagher’s data privacy and cybersecurity incident and breach management policies, and develop and maintain effective and appropriate policies, procedures, and supporting documentation to demonstrate compliance with all applicable privacy laws and regulations, including HIPAA, CCPA, GDPR, and other state and international privacy laws.
Partner and coordinate with internal and external resources to ensure divisional and enterprise compliance with privacy and cybersecurity laws and regulations on a global basis. This will include the development of business associate and data sharing strategies, policies, and documents, as necessary. Engage with data protection authorities and policymakers to maintain sustainable, scalable, and global approaches to complex data privacy protection needs.
Working closely with Gallagher’s Chief Information Security Officer and other stakeholders, continually assess and refine Gallagher’s incident response plan to identify and address any weaknesses.
Assume a key role in directing and managing any activity that may arise relating to data privacy or cybersecurity events. Retain and direct outside counsel and other experts as required and conduct an investigation of the event(s) to determine causes and or/weaknesses in the system or company policies. Working with Gallagher’s Chief Security Information Officer and other relevant parties, develop, implement, and communicate a corrective action plan. Provide reports to senior management, and work with colleagues to ensure compliance with any SEC reporting requirements.
Ensure that all employees, and third parties as needed, receive any additional privacy and cybersecurity training to assure compliance with all applicable laws, regulations, and internal company policies. Ensure appropriate levels of data privacy awareness and accountability across the organization
Serve as a subject matter expert on privacy and security related developments, industry activities and emerging trends relating to Gallagher’s global business.
Assist the Global Chief Compliance Officer with implementation and monitoring of Gallagher’s global compliance program.
A JD from a leading law school, with proven academic success.
At least ten years relevant experience representing a global company in privacy, cybersecurity and compliance matters, preferably in the financial services industry. Prior experience practicing commercial law in both a law firm and a corporation is preferred.
Proven success in developing and continuously implementing a privacy and cybersecurity program with a global company, including prior experience developing, implementing and monitoring data privacy and cybersecurity related processes. Detailed knowledge of state, federal and international privacy and cybersecurity laws.
Prior experience successfully managing other professionals on a global basis. Demonstrated ability to work successfully with and influence dotted-line reports.
Strong project management capability and demonstrated ability to lead, motivate, and utilize excellent judgment. Exceptional interpersonal skills, with proven capability to influence cross-functional and multi-cultural teams.
Excellent written and verbal communication skills, including the ability to clearly and concisely articulate complex legal concepts to a lay audience.
Ability to cost-effectively and proactively engage and manage outside counsel and other service providers on a global basis, as well as travel internationally to support global initiatives.
License to practice law and in good standing under the Bar of any state that enables admission to practice as in-house counsel in Illinois.
About Insight Executive Search Partners, Inc.
Insight Executive Search Partners is a woman-owned boutique retained executive search firm. Insight was formed in 2006 by two veteran search professionals with over thirty years’ experience. We understand that top talent distinguishes top companies and we partner with our clients to help them gain the competitive edge. We are passionate about providing focus, responsiveness and high quality service to our clients to assist them in reaching their potential. Because of our boutique nature, we work with a select group of clients and are able to effectively recruit with minimal blocking. Our disciplined approach to the recruiting process, experience and sustained focus allows us to successfully execute our searches. We are rigorous about selecting leaders who will be a good cultural fit and who will positively impact our client’s organization.