Data Privacy - Transactional Attorney in Phoenix, AZ

In-House

Phoenix, AZ

Data Privacy - Transactional Attorney in Phoenix, AZ

Attorney

Min 5 yrs required

No

Job Title: Associate General Counsel - Cybersecurity

Job Responsibilities:
The Associate General Counsel for Cybersecurity is primarily responsible for supporting and enhancing the comprehensive information security program at the company. This includes ensuring compliance with federal cybersecurity regulatory requirements to protect data and interests of federal customers, program beneficiaries, and other stakeholders. Key responsibilities include:

- Bridging legal and cybersecurity programs to address ongoing and upcoming regulations.
- Crafting a global compliance strategy and tracking evolving cybersecurity regulations and guidance applicable to the company's federal contracts.
- Supporting the implementation of and compliance with regulatory requirements for CCN and T-5 programs, as well as related federal and state law requirements.
- Advising leadership over IT and Information Security functions regarding current and expected future state requirements.
- Working with cross-functional partners and closely coordinating with the Information Technology and Information Security functions.
- Addressing regulatory and legal considerations arising from the handling of confidential data, including personal data and government confidential unclassified information.
- Supporting and counseling on responses to cyber events and related investigations.
- Assisting with monitoring subcontractor and vendor compliance.
- Providing expert guidance on implementation of cybersecurity regulations.
- Educating on regulatory issues and providing guidance on risk.
- Advising leadership to build processes to meet contract and regulatory cybersecurity obligations.
- Driving transparency with clear communications on critical risks.
- Liaising with Security leadership to incorporate strategy into the program framework.
- Collaborating with legal and privacy teams to assess and communicate adherence to new regulations.
- Reviewing regulatory trends and recommending risk mitigation strategies.
- Developing and implementing a comprehensive training program on cybersecurity matters.
- Building and managing relationships with business, IT, legal, and regulatory leaders to drive continuous improvement of the program.
- Providing legal advice to departments and committees on cybersecurity legal/regulatory issues.
- Drafting and reviewing miscellaneous legal documents and correspondence.
- Researching current issues and developments related to cybersecurity and impacts of existing and proposed regulations.
- Performing legal research and preparing memoranda on other legal issues as assigned.
- Assisting with the development and monitoring of internal regulatory compliance procedures.
- Functioning on standing and ad hoc committees as a representative of the Legal department as assigned.
- Assisting with training and implementation to ensure legal compliance with requirements.
- Reviewing and revising company policies and procedures.
- Ensuring employees and committee members are aware of and in compliance with applicable laws and regulations.
- Educating staff and committee members on legal requirements as appropriate.
- Advising senior leadership of the legal ramifications of past and proposed company actions.
- Performing other duties as assigned.
- Maintaining regular and reliable attendance.

Education and Experience:
Required:
- Juris Doctor degree from an accredited law school.
- License to practice law in the state where legal services will be primarily provided.
- At least 5 years of experience as a practicing attorney at a law firm, government, or in-house supporting cybersecurity.
- . Citizenship.
- Ability to receive a favorable Interim and adjudicated final Department of Defense (DoD) background investigation.
- Familiarity with federal laws, regulations, and guidance regarding cybersecurity, including FAR/DFARS, NIST 800-171, CMMC, etc.
- Excellent written and verbal communication skills.
- Experience advising in connection with cybersecurity compliance and managing cyber incidents.

Preferred:
- Certifications relevant to the cybersecurity field (., CISSP, CISM, CIPP).
- Experience advising federal government contractors.
- Experience reviewing, drafting, and negotiating cybersecurity language in commercial agreements.
- Familiarity with US State privacy and cybersecurity laws and regulations.
- Familiarity with VA and DoD healthcare programs.

Salary Information:
The position offers an approximate annual salary of $244,000, with potential for frequent pay raises, overtime opportunities, recognition and reward programs. The company provides a comprehensive and progressive compensation and benefits package that includes medical, dental, and vision coverage, generous paid time off, a 401(k) retirement savings plan with matching, short-term and long-term disability, basic life, and accidental death and dismemberment insurance, tuition reimbursement, and paid volunteer time.

The company is committed to equal employment opportunities and values diversity. It encourages candidates from all backgrounds to apply and considers applicants based on merit without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other consideration made unlawful by applicable federal, state, or local laws.