Description:

Job Overview:
The ideal candidate will have experience in the legal and practical components of cybersecurity and fraud incident response as a result of at a major law firm, public company or relevant unit of government, and a demonstrable history of solving complex, time-sensitive problems in close partnership with a variety of cross-functional stakeholders. The selected candidate will be a part of the Data Privacy team within An American Business and Financial Software Company's world-class Legal & Compliance Organization.

We believe diversity and inclusion among our teammates produces better results and is critical to our success as a global company. We are committed to recruiting, developing, and retaining the most talented people from a diverse candidate pool.

This role is hybrid with current on-site expectations of 2-3 days per week.

Qualifications:

Eligible to practice law where located and to obtain any multi-jurisdictional license required to support in-house practice in California or state where role is ultimately located.
5+ years of experience working at a major law firm, public technology/financial services company or division of federal or state government (or some combination of those), with experience related to cybersecurity and data management—e.g., incident response and prevention, cybersecurity investigations and litigation, forensic review, data mapping, retention and lifecycle management.
Familiarity with US and EU privacy notification and data protection frameworks.
Demonstrable ability to work across teams to solve complex problems, to communicate for impact, and a drive to learn and grow in the role.
Team mentality; high availability; able to respond quickly to urgent matters in a dynamic and complex environment.

Preferred Qualifications:

Information security or other relevant technology background.
CIPP or CIPT certifications are considered an asset.
Familiarity with leading cybersecurity and data management frameworks including but not limited to CIS Framework, PCI DSS, SOC 2, NIST CSF and NIST SP 800-82, ISF SOGP 2020, ISO 27001, NCSC CAF (UK).

Responsibilities:
Working as a member of the Cybersecurity and Data Lifespan team, you will:

Partner with senior attorneys to provide legal counsel for day-to-day cybersecurity and fraud incident management, leveraging a privacy mindset to assess and advise on legal risk, and manage engagement with internal and external stakeholders.
Assist with the enhancement and automation of An American Business and Financial Software Company's processes to track, report on and develop insights from security incidents.
Assist with the maturation and development of Data Governance at An American Business and Financial Software Company, including specifically supporting efforts to mature programs relating to data retention and deletion across the Enterprise.