Title: Director, Senior Counsel
Job Responsibilities:
- Develop and implement a comprehensive strategy for managing third-party supplier risks within the cyber threat domain, focusing on **Members Only**'s Global Supply Chain, Sourcing, and Third-Party Risk Management (TPRM) programs.
- Enable business strategy by providing expert guidance on the legal and regulatory environment and associated risks.
- Foster a culture of accountability and responsibility concerning privacy, data protection, and cybersecurity among employees.
- Ensure compliance with legal and regulatory requirements related to privacy, data protection, AI, and cybersecurity.
- Develop, update, and maintain policies, procedures, and guidelines for managing third-party supplier risks from a privacy, data protection, and cybersecurity standpoint.
- Train business stakeholders and TPRM teams on onboarding, risk assessment, and risk management of third-party supplier risks.
- Engage with third-party suppliers for risk assessments and provide guidance on privacy, data, and cyber controls.
- Consult on the design and operationalization of third-party supplier risk assessment procedures, templates, and documentation.
- Collaborate with key stakeholders, including legal, compliance, technology, enterprise risk, and business teams, to ensure effective risk management practices.
- Lead and manage the onboarding, risk assessment, and risk management of third-party supplier risks.
- Manage and document escalations, risk acceptances, and adoption of mitigating controls during third-party supplier risk assessments.
- Provide advice on escalated third-party supplier contractual negotiations regarding privacy, cyber, and data-related issues.
- Lead and support the negotiation of Data Processing Agreements (DPAs) and other data-related contracts with third-party suppliers.
- Ensure that all contractual agreements comply with relevant privacy, data protection, and cybersecurity regulations.
- Work closely with internal stakeholders to address and resolve any contractual issues or disputes related to privacy, data protection, AI, and cyber laws.
- Provide expert guidance on third-party supplier clauses during contract negotiations to mitigate risks and ensure compliance.
- Provide ongoing oversight of the third-party supplier management program.
- Prepare and deliver regular reports on risk management activities, compliance status, and program enhancements to senior management.
Education and Experience Information:
- Juris Doctor (JD) degree from an accredited US law school.
- Minimum of 10 years of experience in privacy, data protection, cybersecurity, or a related field.
- Strong knowledge of legal and regulatory requirements related to privacy, data protection, and cybersecurity.
- Experience in the technology and financial services industries.
- Proven leadership and management skills, with the ability to lead cross-functional teams and drive organizational change.
- Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
- Strong analytical and problem-solving skills, with the ability to develop and implement effective solutions.
Salary Information:
- In line with **Members Only**’s total compensation philosophy, the successful candidate will be offered a competitive base salary based on location, experience, and other qualifications for the role.
- Pay ranges for various locations are as follows:
- Purchase, New York: $187,000 - $300,000 USD
- Arlington, Virginia: $187,000 - $300,000 USD
- Atlanta, Georgia: $163,000 - $261,000 USD
- Boston, Massachusetts: $187,000 - $300,000 USD
- O'Fallon, Missouri: $163,000 - $261,000 USD
Additional Information:
- **Members Only** is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
- **Members Only** offers a comprehensive benefits package for full-time (and certain part-time) employees, including insurance, flexible spending accounts, health savings accounts, paid leaves, 401k with company match, fitness reimbursement, tuition reimbursement, and gender-inclusive benefits, among others.
- All employees are responsible for information security and must adhere to **Members Only**’s security policies and practices.
- The role may include eligibility for an annual bonus or commissions depending on the role.
