Cybersecurity Counsel

About The Position

Requirements

• 5+ years of experience practicing cybersecurity law in a law firm or corporate environment
• Experience with U.S. and global cybersecurity requirements and data protection laws applicable to publicly traded companies that perform work for government and commer cia l customers
• Experience providing legal and strategic advice on cybersecurity and data protection issues, including current and evolving regulatory and contractual obligations, incident response, cybersecurity- related investigations, audits, cyber risk identification and mitigation efforts, and cybersecurity insurance matters
• Experience advising on contractual requirements and drafting and negotiating data security terms in contracts with customers, vendors, and business partners
• Experience collaborating with cross-functional teams to evaluate risks and root causes and to aid in designing and implementing practical mitigation strategies or action plans
• Experience working under pressure, managing multiple complex matters simultaneously, and meeting deadlines in a fast-paced environment
• Knowledge of cybersecurity aspects of U.S. government acquisition regulations such as FAR, DFARS, or HSAR and security certifications and frameworks such as CMMC, ISO, FedRAMP, and NIST
• Ability to listen actively to ensure that the right questions are being asked and answered, translate legalese or regulations into succinct, clear, and workable business solutions, execute against clear goals, priorities, and success met rics or KPIs, and manage against program plans
• J.D. degree
• Active bar admission with any U.S. state bar or the District of Columbia

Nice To Haves

• Experience providing advice on procedures and processes relating to data governance, cloud- related issues and governance, and other areas of emerging technology
• Experience advising on processes and procedures related to artifi cia l intelligence governance and privacy laws
• Experience implementing cybersecurity compliance, including training, communications, risk assessments, audits, concern reporting, and investigations
• Experience advising on cybersecurity aspects of mergers, acquisitions, and other tra nsa ctions
• Experience collaborating with cross-functional teams to provide integrated and durable solutions

Responsibilities

• Serve as t rus ted counsel to leaders on compliance strategy, policies or standards, and risk-based decision making across the enterprise.
• Advise on incident response and cyber events, including escalation decisions, investigations, notifications or reporting considerations, and post-incident remediation activities.
• Guide government-contracting cybersecurity obligations such as FAR DFARS and agency supplements, including flow-down considerations and alignment to recognized frameworks such as NIST, CMMC, FedRAMP, or ISO.
• Partner cross-functionally with Security, Privacy, Compliance, Procurement, Risk, and business teams to translate complex requirements into practical, durable controls and playbooks.
• Support enterprise initiatives such as audits or assessments, cyber risk mitigation planning, third-party risk, and cyber insurance- related legal matters.
• Counsel on contractual cybersecurity requirements and risk allocation, including reviewing, drafting, and negotiating data security and privacy terms with customers, vendors, and partners.

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program