SAS Institute Inc. Corporate Counsel, Ethics and Compliance in Tervuren, Belgium

Corporate Legal Counsel, Ethics and Compliance

This individual will support and enhance the privacy, anti-corruption, and trade law compliance program for SAS Institute Inc.’s global operations focusing primarily on SAS’ operations in Europe, Middle East, Africa, and Turkey (EMEAT). This individual will report to SAS’ headquarters-based Vice President and General Counsel – Ethics and Compliance, and will collaborate with and receive guidance from SAS’ Chief Privacy Officer and Senior Compliance Counsel, and SAS’ EMEAT-based Chief Privacy Strategist and Regional General Counsels. This person will serve primarily as the regional privacy and data protection subject matter expert and will provide oversight of privacy and data protection compliance for EMEAT operations. This person will also work to assist the Ethics and Compliance headquarters team and local counsel and other SAS staff in ensuring anti-corruption law compliance risks are addressed in SAS’ EMEAT region in line with SAS’ global strategy and anti-corruption program. Additionally, this person will act as a liaison between the Ethics and Compliance team at headquarters and regional counsel and business unit leaders on export and import law compliance matters such as trade sanctions and anti-boycott law compliance. The individual should be able to consider compliance efforts in the broader organizational compliance context, and will work in a cross-functional capacity, consulting and advising various groups within the organization. The individual should be able to manage and prioritize among multiple projects.

Job Responsibilities:

  • Develop, execute and maintain regional privacy and data protection compliance policies and processes, including internal processes to assess and address privacy and security-related implications of new initiatives and offerings, all in coordination with global privacy strategies and applicable international, national, and local privacy laws and requirements.

  • Draft, maintain and manage the execution and submission of documentation to ensure compliance with applicable privacy and data protection laws.

  • Assist government affairs personnel with the review of proposed privacy and data protection legislation and regulations impacting the organization’s global operations.

  • Provide guidance and training through the EMEAT organization on privacy and data protection matters.

  • Support self-assessments and audits to detect and remediate privacy and data protection gaps.

  • Support development and implementation of policies and action plans to ensure readiness for and proper reporting of privacy and information security incidents.

  • Assist multiple business functions in continuous review and improvement of incorporation of “privacy by design” in their regular business processes.

  • Coordinate with Chief Privacy Officer, Chief Privacy Strategist, and local legal counsel on investigation of and response to privacy inquiries from local data protection authorities.

  • Other duties as assigned and necessary within the company to ensure compliance policies are maintained corporate wide and to promote the company’s ethics and compliance program, including:

  • assisting with the administration of the corporate wide anti-corruption and trade law programs,

  • overseeing compliance investigations, audits and assessments as necessary

  • benchmarking compliance program components and

  • providing in-person training across the EMEAT region.


  • JD or equivalent degree from an accredited law school

  • 5+ years PQE

  • Licensed to practice law by an authorizing entity of an EMEAT jurisdiction at a level similar to being admitted to and a member in good standing of at least one U.S. state bar / equivalent

  • Understanding of data privacy and protection laws and regulations, including in particular the EU General Data Protection Regulation (GDPR) and the EU ePrivacy Regulation

  • Native or nearly native speaking and writing proficiency in English


  • Certified Information Privacy Professional (CIPP) Certification

  • Prior experience managing privacy and information security-related compliance initiatives

  • Working knowledge of local and international anti-corruption law compliance and regulatory requirements and compliance best practices

  • Previous experience in legal and regulatory compliance and corporate investigations

  • Education or experience in the field of cryptography

  • Experience with software development and distribution processes

  • Experience in the software, cloud computing and information technology services sectors

  • Previous in-house corporate counsel and regulatory compliance experience

  • Excellent verbal and written skills; proficiency in one or more EMEAT languages in addition to English; strong personal computer skills

  • Proactive team player that garners respect on and off the job

Equivalent combination of education, training, and relevant experience may be considered in place of the education requirement stated above.

Location and Travel:

This position will be based in Brussels, Belgium or one of SAS’ other main European offices with a requirement to travel occasionally throughout Europe, the Middle East, Africa, and Turkey.

About SAS:

SAS believes in the whole employee experience. Meaningful work. Empowerment to make a difference that changes people’s lives. Dynamic work environments that foster innovation. And an award-winning culture that makes it all possible. We believe great ideas can come from anywhere. Whether you're a university recruit, or an experienced professional ready for the next big challenge, SAS brings perks, passion, and the potential to grow. No limits.


Want to stay up to date on SAS culture, products and jobs? Follow us on LinkedIn

Requisition ID: 20019265

Travel Requirements: 25%