Support PDF,DOC,DOCX,TXT,XLS,WPD,HTM,HTML fils up to 5MB
Years of Experience
Date Last Verified
ProfileData Protection Attorney, Vice President The candidate will have strong focus and proven track record on data protection. Analyze and apply, federal, state, and international laws and corporate policies related to data protection, applicable to the bank’s operations. Advise on and help assess information-security risks associated with technology products, systems, networks, and operations in diversified financial services. Identify business requirements resulting from existing, new and evolving laws, regulations, and government and industry standards and guidelines that directly or indirectly apply to information security and data protection, in the U.S. and globally; e.g., GLBA, NIST, FFIEC, PCI DSS. Advise on data breach response and notification; consistent with applicable federal, state and international laws; work closely with the regulatory affairs office in managing communications, coordination, and technical assistance with federal, state, and non-U.S. officials and law enforcement. Advise and work closely with information security, risk and compliance managers (including the bank’s privacy office and the incident response team) and other corporate support functions and attorneys in the above areas, and support them in the identification of risks, development of strategies and practical operational processes towards data protection (including defense, preparedness and response). Assist in connection with responses to government requests for data and follow corporate policies and the bank’s interests for such responses, ensuring compliance with laws and regulations. Manage conflict of laws issues arising from cross border data requests.
Qualification and Experience
The candidate must of J.D. or equivalent Law Degree. Must be admitted to at least one state Bar (NY or CA preferred) – active/good standing. Privacy qualification or certification such as, CIPP/US, CIPM, CIPT is needed. Experience in global financial services and with financial regulators is preferred. Should have 8-10 years relevant experience at a major law firm or corporate legal department. Will consider candidates with 5 years of experience for those with strong data protection experience. Must have knowledge of, and practical experience with, federal and state data protection and data breach notification laws and regulations including NYDFS’ cybersecurity regulations. Strong interpersonal, organizational and problem-solving skills. Should have ability to present complex issues in a clear and concise manner and provide succinct results-oriented legal advice. Must have strong influencing and leadership skills, including decisiveness on both legal and business issues. Familiarity with BigData, APIs; laws related to e-commerce, and mobile commerce; self-regulatory regimes like APEC, Direct Marketing Association and CTIA is desired. Proficiency in other languages is preferred.