Legal Counsel, Cybersecurity (Hybrid)

Description:

Description:
About Us:
At An Insurance Company, we are a team of entrepreneurs. We believe in protecting and supporting the aspirations of individuals, families, and businesses. We help our clients evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees to learn, grow, and make a difference. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence.

An Insurance Company is one of the largest global insurance and employee benefits broker, providing a boundaryless array of business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management products and services. With over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America, An Insurance Company has grown substantially, in part due to our industry leading success in mergers and acquisitions.

About the role:
An Insurance Company is looking for a Legal Counsel, Cybersecurity, who will be responsible for providing expert legal advice on cybersecurity matters. This attorney will work in close cooperation with An Insurance Company's Information Security function, ensuring compliance with relevant regulations and industry standards, supporting cyber incident management, and security terms contract negotiation.

Responsibilities:

• Monitor, analyze, and provide legal advice on existing and emerging cybersecurity laws and industry frameworks, including GLBA, NYDFS, and HIPAA
• Prepare SEC-required cyber disclosures.
• Support incident management and collaborate closely with information security function and Senior Privacy Counsel, including advising on legal risk and data breach notification requirements.
• Contribute to the ongoing improvement of cybersecurity-related legal templates & playbooks and incident response paybooks; assist with Incident Response tabletop exercises.
• Review and support the negotiation of cybersecurity terms in contractual documents .
• Manage regulatory reporting and registration requirements under cybersecurity laws.
• Work with engineering and product teams to translate legal obligations into technical requirements.
• Assist with risk assessments and provide guidance on mitigating cybersecurity risks.
• Provide awareness and compliance training to legal colleagues and business clients on cybersecurity matters, including incident response.

Requirements:

• Juris Doctorate (JD) degree is required, as well as being a member of a State Bar in good standing.
• Minimum of five (5) years' relevant experience in-house or at a law firm.
• Cybersecurity subject matter expertise and experience interacting with data privacy authorities and/or regulatory agencies.
• Strong research, writing, and analytical abilities.
• Ability to work with complex legal documents.
• Experience working effectively within a team-oriented collaborative organization with an eagerness to learn the insurance brokerage industry, if needed.
• Experience or strong interest in the insurance brokerage industry, financial services, or other related regulated industry is a plus.
• Proficient in the use of Microsoft Word and Teams, required; PowerPoint, Excel and SharePoint competence is preferred.
• Demonstrated record of providing substantive/technical legal advice and support to clients.
• Strong project management skills, including ability to manage multiple projects simultaneously and effectively to completion.
• Positive client-service attitude.
• Detail-oriented, with excellent organizational skills.
• Exercises good judgment.
• Ability to issue-spot and summarize key points succinctly.
• Ability to be flexible and adaptive.
• Intellectual curiosity and a high degree of integrity.
  

---