In-House
Washington, DC
Attorney in Washington, DC
Non-practicing Attorney
Min 10 yrs required
No
Manager, Cybersecurity & Regulatory Compliance
Job Responsibilities:
- Develop, implement, and lead cybersecurity compliance programs and related strategies to ensure adherence to relevant laws, regulations, and industry standards.
- Lead and manage compliance-related projects, ensuring timely and successful completion.
- Provide guidance on compliance standards and procedures across the department, leading compliance initiatives including training, communications, and cross-functional projects.
- Serve as a liaison with Product Security Compliance and implement core cybersecurity compliance initiatives.
- Monitor changes in regulatory requirements and update compliance programs accordingly.
- Work with cross-functional teams and advisors (legal counsel and audit firms) to develop compliance strategies and ensure alignment with organizational goals.
- Drive continuous improvement initiatives and automation solutions to enhance operational efficiency, quality, and productivity.
- Evaluate information security provisions in vendor and customer contracts and provide guidance for compliance with corporate policies and guidelines.
- Develop and deliver training programs on cybersecurity compliance requirements.
- Prepare and present compliance reports to senior management and regulatory bodies as required.
- Stay current with the cybersecurity regulatory space and trends and incorporate this knowledge into compliance strategies and programs.
Education:
- JD preferred
- Bachelor's degree or equivalent combination of training and experience
Experience and Skills:
- 10+ years of experience in compliance, risk, and governance programs, with significant exposure to cybersecurity, information security, and technology.
- Proven expertise in managing regulatory compliance strategy and implementation matters with international experience.
- In-depth understanding of cybersecurity frameworks such as NIST, ISO 27001, or SOC2.
- Solid understanding of cybersecurity regulations, such as FISMA, PCI, EU NIS2, EU Cyber Resilience Act, and/or UK Cyber Essentials.
- Ability to interpret regulatory requirements and translate them into actionable policies and procedures.
- Experience in negotiating and conducting reviews for information security requirements in contracts with customers or vendors.
- Experience with risk assessment tools and methodologies.
- Ability to develop and continuously improve actionable processes and drive projects to successful completion.
- Excellent written and verbal communication skills.
- Experience with compliance management systems and tools.
- Experience with risk management principles and implementations.
- Commitment to continuous improvement and staying current with regulatory requirements and emerging trends.
- Ability to work in a fast-paced, dynamic environment and adapt to changing regulatory requirements.
- Strong organizational skills with the ability to prioritize tasks and manage time effectively.
Salary Information:
The company offers a competitive salary and comprehensive benefits package, including health, dental, and vision insurance, 401(k) plans with company match, generous paid time off, and employee wellness programs. Additionally, opportunities for professional development, career advancement, and a collaborative, innovative work environment are provided. Employees enjoy access to various work-life balance initiatives, employee assistance programs, and additional perks.
The company is an EEO/Affirmative Action Employer and does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other legally protected status.
Jun 19, 2025