Data Privacy - Transactional Attorney in Washington, DC

In-House

Washington, DC

Data Privacy - Transactional Attorney in Washington, DC

Attorney

5-7 yrs required

No

Job Title: Senior Counsel - Data Governance, Privacy, and Cybersecurity

Job Responsibilities:
The Senior Counsel at the company will be responsible for providing strategic legal advice on data governance, privacy, cybersecurity, and emerging artificial intelligence issues. The role involves advising clients on complex legal, regulatory, and policy questions related to data privacy and protection, including federal and state laws, healthcare privacy laws like HIPAA, Canadian provincial laws, and cybersecurity frameworks such as CMMC, NIST, ISO 27001, and HITRUST. The Senior Counsel will draft, review, and negotiate contracts related to privacy, cybersecurity, AI, and data protection, creating templates and playbooks for efficient management of contracting issues.

The position requires assessing and mitigating harms from privacy and cybersecurity incidents, conducting reviews of technology proposals with privacy, cyber, and AI risks, and offering solutions based on privacy and security by design concepts. The Senior Counsel will be expected to manage competing projects with agility, provide strategic insights for compliance, and develop governance mechanisms for emerging data and technology laws. The role requires strong decision-making and communication skills, especially during time-sensitive incidents or high-risk business proposals. The Senior Counsel must also demonstrate the ability to work with compliance professionals and define operational targets through partnership and communication.

Education and Experience Information:
Candidates must have a minimum of 5-7 years of experience as a lawyer with a focus on privacy, data governance, and cybersecurity. Prior in-house experience and cross-functional collaboration in a multi-national company are preferred, as is legal work with healthcare companies. A degree from an accredited law school and admission in good standing with a US state bar are required. The role is comparable to a seasoned, senior associate in a law firm, capable of conducting sophisticated counseling and client management with limited supervision.

Minimum Skills, Knowledge, and Ability Requirements:
Candidates should be familiar with privacy, cybersecurity, and AI laws and regulations, including cyber disclosures to regulatory bodies like the SEC. Knowledge of healthcare-specific laws, particularly HIPAA, is advantageous. The role requires the ability to manage outside counsel, liaise with experts, and align legal requirements with business strategies. Experience advising senior leadership on risk management and mitigation strategies is crucial, as are strong soft skills for handling incident management and risk escalation. Possession of certifications like CIPP, CIPM, AIGP, CIPT, or CISSP is preferred. Excellent negotiation, prioritization, multi-tasking, and client management skills are essential.

Salary Information:
The salary range for this full-time position is $121,000 - $186,230, reflecting a national average. Actual salaries may vary based on location, with specific states potentially having ranges up to 10% lower or 12% higher than the stated minimum and maximum.

Equal Employment Opportunity:
The company is committed to providing equal employment opportunities without discrimination based on race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or any other protected class. The company prohibits harassment and ensures that recruiting, training, compensation, benefits, promotions, and transfers comply with equal opportunity principles. Reasonable accommodations for individuals with disabilities are provided during the employment process, consistent with legal requirements.