Experience
8 yrs required
Location
Washington, DC, United States
Posted on
Nov 27, 2022
Profile
Senior Corporate Counsel - Cybersecurity and Data Lifespan
The candidate will partner closely with the Security Operations team and other cybersecurity and anti-fraud professionals across the Company in their day-to-day efforts to secure the firm's systems and our customers' data. Report to the Director, Deputy General Counsel—Cybersecurity and Data Lifespan, this lawyer will make a meaningful contribution to strategic priorities related to cyberthreat preparedness, and to projects related to data lifecycle management across all of the firm's products and services. Lead attorney for day-to-day cybersecurity and fraud incident management, leveraging a privacy mindset to assess and advise on legal risk, and manage engagement with internal and external stakeholders as necessary and appropriate. Assist in the Company's response to litigation and/or external investigations related to cybersecurity or privacy topics. Assist with ongoing strategic assessment and improvement of the firm's cyberthreat preparedness, and implementation of systems monitoring that both safeguards the Company’s resources and respects individuals’ privacy rights. Assist with the maturation and development of Data Governance at the firm, including specifically supporting efforts to mature programs relating to data retention and deletion across the Enterprise. Should have 8+ years of experience working at a combination of major law firm, public technology/financial services company or division of federal or state government, with significant experience related to cybersecurity and data management—e.g., incident response and prevention, cybersecurity investigations and litigation, forensic review, data mapping, retention and lifecycle management. Experience advising on US and EU privacy notification and data protection frameworks is required. Experience advising clients on and working with leading cybersecurity and data management frameworks CIS Framework, PCI DSS, SOC 2, NIST CSF and NIST SP 800-82, ISF SOGP 2020, ISO 27001, NCSC CAF (UK) is preferred. Information security or other relevant technology background is preferred. CIPP or CIPT certifications considered an asset.
Company info
Sign Up Now - EmploymentCrossing.com