The LCO provides support to the company by providing sound legal advice to craft and maintain an effective compliance management system to cover compliance to applicable laws, and by ensuring that the contracts entered into by the company are reviewed.
By reporting to the VP of Operations, the LCO helps to manage and improve the regulatory and privacy risk framework of the company to avoid regulatory, legal, financial, and reputation/brand risks.
The LCO is expected to provide support to the company primarily in drafting company policies and performing other actions necessary to meet legal and regula requirements, address audit findings and management instructions. The LCO is also expected to propose other policies necessary to be established, and monitor the implementation of company policies addressed to company clients, employees, and stakeholders. The LCO is further expected to advise the stakeholders on its obligations in performing its duties in privacy, security, and operations in contracts to be entered into. In case of conflict, the LCO shall serve as the primary contact person with respect to compliance to policies.
Roles and Responsibilities:
- Serve as primary point person for providing advice on legal matters and concerns of the company, including corporate, HR, and regulatory affairs.
- Craft and propose external communication materials including policies, press statements, and public advisories in relation to the company’s legal and compliance compliance.
- Ensure that any outsourced process for legal and compliance is performed by the outsourced contractors.
- Lead in proposing and drafting timely and relevant policies for the protection of company clients, employees, teams, and operations.
- Review company policies as may be required and reporting findings and recommendations to the stakeholders
- Create plans and workflows for maintenance and management of continuous business operations.
- Work with HR, Sales, Marketing, Product, Research, and Engineering teams in planning action plans to avoid recurrence of issues and process improvement
- Lead in promoting compliance culture in the company by conducting training and awareness campaigns
- Ensure complete and accurate records of audit, breaches, and closure of items
- Lead in research of other legal and compliance matters as assigned by the company
- Conduct other tasks as may be required from time to time to support the company
- Support internal and external clients on privacy, legal, and compliance queries
- Review contracts, including data sharing and outsourcing agreements
- Prepare reports and act as liaison for legal matters with government and supervising agencies for legal and compliance matters.
- Support the Data Protection Officer in performing core functions as per the Data Privacy Act of 2012, including upholding data privacy rights and management of breaches.
GRC and Audit
- Advise the management in implementing a sound corporate governance framework in the company
- Assess and determine risks in company operations by conducting risk assessment, business impact analysis, gap analysis, and identify other risks, and propose action plans.
- Collaborate with stakeholders to avoid the occurrence, mitigate, or close security, privacy, and operational risks
- Serve as internal audit of the company in conducting spot or scheduled audit of company operations and records.
- Prepare reports to the management on legal and compliance matters
- Cascade legal and compliance issues to the stakeholders and expected actions from them.
- Keep abreast with and cascade laws, relevant news, and regulatory issuances from supervising agencies, and industry standards or best practices.
- Ensure timely and accurate submission of compliance reports (issue description, risk rating, and resolutions) to the DPO and VP of Operations
- Report to Heads of Departments on regular status updates and able to call for special meetings if needed
- Ability to exemplify integrity and leadership skills
- Keen on details
- Contract review
- Policy drafting
- Excellent organizational skills
- Ability to keep confidential information
- Excellent oral and verbal communication skills
- Establishment of legal and compliance program
- Security incident and data breach management
- Documentation and timely reporting of action plans
- Effective record-keeping of contracts, policies, and reports to address audits,
- International laws on employment, security, privacy, and corporate licenses
- Ability to work in a fast-paced environment and with different teams to maintain the company's compliance culture
- Basic knowledge in IT systems and databases
- Corporate governance
- Labor and employment laws and regulations, labor management
- Data Privacy Act of 2012 (Republic Act No. 10173), privacy and data protection
- Cybercrime prevention act of 2012 (Republic Act No. 10175)
- Corporate restructure, merger, and acquisition
- Foreign laws on business establishment and licenses
- Business continuity
- Compliance and operational best practices in the local and global market, including due diligence, anti-fraud, anti-bribery and corruption
- Social media and marketing practices
- Issuances and regulations from local supervision authorities such as the Securities and Exchange Commission (SEC), Department of Labor and Employment (DOLE), National Privacy Commission (NPC), Philippine Competition Commission (PCC).
- Finished any four-year course
- Preferably with experience in working as a paralegal
- Has completed at least a legal program (Juris Doctor).
- At least 2 years experience in privacy and information security.
- The candidate is expected to be engaging and manifest confidence and reliability in acting as subject matter expert in legal and compliance matters during meetings.
Perks and Benefits
- Paid Holidays
- Paid Vacation Leave
- Paid Sick Leave
- Paid Bereavement/Family Leave
- Maternity & Paternity Leave
- Medical / Health Insurance
- Free Lunch or Snacks
Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.