Download App | FOLLOW US ON SOCIAL MEDIA
 Upload Your Resume   Employers / Post Jobs 

Data Privacy Attorney in Chicago, IL

United Airlines, Inc (UAL) Apr 27,2022 Location USA Chicago IL
This job is expired...

In-House

Attorney

Data Privacy

Min 5 yrs required

Profile

Counsel – Cybersecurity Duties: Accountable for all aspects of information security and cybersecurity. Analyze new and current laws and regulations and advise the business on information security and cybersecurity obligations and carry out information security and cybersecurity compliance operations. Work closely with cross-functional teams, including senior management, and collaborate with Privacy counsel to provide information security and cybersecurity strategy and guidance to support operations and new initiatives. Advise Cybersecurity and Digital Risk team on appropriate information security and cybersecurity controls to comply with global regulatory requirements and best practices and translate legal requirements into technical design requirements. Draft, negotiate and advise the business on the information security and cybersecurity aspects of contracts and advise Cybersecurity and Digital Risk team in United’s vendor risk management program. Advise Incident Response team in connection with potential incidents, including response, remediation and legal risks and requirements. Advise the Vulnerability Management team in connection with the resolution of vulnerabilities and information sharing. Advise Cybersecurity and Digital Response team in connection with security audits and compliance matters. Guide the continued improvement of the United’s global cybersecurity program. Coordinate with outside counsel as necessary with respect to information security and cybersecurity matters. Conduct risk assessments and develop work plans to address identified risks. Collaborate with Privacy counsel on data protection compliance initiatives. Work with Privacy counsel to provide training to relevant employee groups. Serve as subject matter expert in developing and enhancing data governance strategies. Build and maintain relationships with private and public sector entities focused on information security and cybersecurity.

Qualification and Experience

Qualifications: JD required; Membership in good standing in a state Bar. Should have 5+ years of information security and cybersecurity experience. In-house, government or large firm private practices experience. Extensive understanding and experience in evolving global cybersecurity programs and appropriately tailoring strategies and policies to fit business needs and risks. Experience working with data protection authorities. Experience working with law enforcement and national security authorities. Experience leading data breach and incident response investigations. Experience in developing working on policy issues related to information security and cybersecurity, investigations, threat sharing as it intersects with privacy and cybersecurity. Substantial experience with cybersecurity standards, frameworks, risk assessments, and certification processes, such as NIST, ISO and other compliance frameworks. Cybersecurity technology knowledge, including the ability to effectively communicate with cybersecurity professionals and the ability to translate technical issues to legal risk in a clear and concise manner. Excellent communication skills. Effective business writing and presentation skills combined with strong interpersonal communication abilities enable individuals to work effectively with a wide range of technical and practical aspects of the business. Excellent management and project management skills and business judgment with a capacity to make decisions and give practical business/legal/compliance advice. Ability to create and maintain strong collaborative relationships with business partners. Ability to provide effective guidance and assistance to the Deputy General Counsel, Chief Compliance Officer, Legal team and business stakeholders.

Additional info

Job ID: WHQ00019844

Company info