Company: Mastercard
Location: São Paulo, SP, Brazil
Career Level: Associate
Industries: Banking, Insurance, Financial Services
Description
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Counsel, Privacy, AI & Data Responsibility • The Counsel, Privacy, AI & Data Responsibility (PAIR) will support both the strategy and the daily operations of the PAIR Team in the Latin America and Caribbean (LAC) region in compliance with global privacy and data-related laws.• Serve as a strategic advisor to business leaders, driving the integration of Privacy by Design principles into Mastercard products and services, including artificial intelligence and advanced technology products, and enabling responsible innovation across Mastercard's global operation.
• The position will report to the Senior Counsel, PAIR and will be a member of both the Global PAIR team and the broader Legal team in LAC.
• Demonstrate an ability to build trust and credibility with stakeholders, communicate and collaborate with cross-functional and cross-geographic partners to ensure compliance and governance, and champion industry-leading practices in data responsibility.
Role:
• Support the PAIR team to ensure privacy compliance is built into Mastercard data-driven products and services in the LAC region, including Mastercard's operationalization of compliance with all regional and local privacy and data related laws in LAC.
• Identify requirements and controls to enable privacy compliance adopting the Privacy by Design process; work with legal, regulatory, business, and technical teams to assist implementation.
• Assist the team to record data protection impact assessments where required, and to identify and implement privacy and AI controls and safeguards to mitigate risks.
• Draft privacy notices and review consumer-facing material, including marketing and communications campaigns, for compliance with applicable privacy and data protection requirements.
• Work closely with main stakeholders, business units and support teams to raise awareness on privacy and AI matters, prepare and lead trainings, meetings and other supporting materials.
• Maintain records of processing or database registrations for all relevant and applicable personal data processing activities as required under applicable data protection laws, regulations, and standards.
• Support Mastercard's processes for handling privacy rights and government data requests in LAC, including access and other rights under applicable laws.
• Draft appropriate privacy terms and agreements in accordance with Mastercard's standards, review contracts and manage complex negotiations with customers, partners, and vendors.
• Triage and escalate information incidents as needed, analyzing facts in light of applicable privacy and data protection laws, regulations and standards, and making recommendations to drive incidents through to resolution, involving correct stakeholders and team members.
• Monitor for emerging regulatory developments and translate legal terms into business requirements, partnering with relevant teams to do so.
All About You:
• Holds a law degree and OAB membership. Any additional qualifications (e.g., Master of Laws degree) considered an asset.
• Solid experience in privacy, data protection laws, AI and cybersecurity regulations throughout the LATAM region: especially in Brazil, Mexico, Colombia, Argentina and Chile is required.
• IAPP certifications (e.g. CIPP/E; CIPM, CIPT, etc.) are an asset and Familiarity with the EU GDPR is a plus.
• Demonstrated experience supporting product teams through product review and privacy‑by‑design integration, ensuring compliance with privacy, AI, and data protection regulations across LATAM.
• Ability to collaborate closely with Product Attorneys and business stakeholders, providing strategic guidance on data‑driven and high‑tech initiatives.
• Oral and written fluency, including legal drafting and presentation skills, in English and Portuguese is required; advanced conversational in Spanish required.
• Relationships and or experience dealing with data protection regulators in LATAM is considered an asset.
• Availability to work in a hybrid model, being in office 3x per week.
• Superior time management, planning, and organizational skills.
• Strong analytic capabilities and written and oral communication skills. Attention to detail is a must.
• Exceptional interpersonal skills with proven experience in relationship building and partnering. Must work well in both team and individual settings, including across global jurisdictions.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website
Find Connections via Linkedin
