VP, Assistant General Counsel, Cybersecurity

About The Position

Requirements

• Juris Doctor (JD) from an accredited law school; licensed to practice in at least one U.S. jurisdiction.
• 8–12+ years of legal experience with a strong background in cybersecurity, data security, privacy, technology law, or incident response.
• Experience in financial services with exposure to broker-dealer and/or investment advisory regulatory environments (SEC, FINRA, MSRB, banking regulators).
• Experience advising on cyber incident response, materiality assessments, regulatory notifications, and supervisory expectations.
• Familiarity with cybersecurity regulations and frameworks, including NYDFS Cybersecurity Rules, state breach laws, Reg S-P, SEC/FINRA expectations, and data protection statutes.
• Experience drafting and maintaining cybersecurity policies, incident response procedures, standards, and playbooks.
• Strong analytical and problem-solving skills, with the ability to translate complex technical concepts into actionable legal guidance.
• Excellent written and verbal communication skills, including experience presenting to executive leadership during time-sensitive events.
• Ability to manage multiple priorities in a fast-paced, high-stakes environment.
• Collaborative mindset with the ability to work across technical, business, legal, compliance, and risk teams.

Nice To Haves

• In-house experience in a financial services or regulated technology environment.
• Experience advising on supervisory exams, regulatory inquiries, and remediation efforts involving cyber or technology controls.
• Knowledge of cybersecurity technologies and ecosystem components (e.g., logging/monitoring, endpoint security, IAM, cloud environments, threat detection platforms) is a plus.
• Strong contract negotiation and drafting skills.
• Familiarity with crisis management practices and communications during cyber or data events
• Cybersecurity & Risk Certifications: ISC2 CC, SSCP, CISSP, or CSSLP CISM, CRISC, or CISA (ISACA)
• Privacy & Data Certifications: CIPP/US, CIPT, CIPM (IAPP)

Responsibilities

• Advise on legal and regulatory obligations applicable to cybersecurity incidents, including materiality assessments, regulatory notifications, disclosure requirements, and client/advisor communications.
• Serve as the primary legal advisor for incident response, working closely with Information Security, Technology, Communications, Compliance, and executive leadership during cyber and data events.
• Monitor and interpret evolving cybersecurity regulations (e.g., NYDFS Cybersecurity Rules, state breach laws, privacy laws, SEC/FINRA expectations) and assess their impact on business operations.
• Support crisis management activities and provide legal guidance on escalation, response coordination, and regulatory engagement during high-priority events.
• Draft, review, and update cybersecurity and incident response policies, standards, procedures, and playbooks, including enhancements to the firm’s incident response program and governance model.
• Provide legal input into cyber tabletop exercises, readiness assessments, and cross-functional simulations to strengthen operational resilience.
• Advise on cybersecurity requirements applicable to third-party service providers, vendor oversight, and technology integrations, including contractual terms, diligence, and supervisory expectations.
• Partner with Information Security to evaluate cybersecurity controls and governance frameworks, including processes related to logging, monitoring, identity and access management, endpoint protection, and vulnerability management.
• Support regulatory examinations, supervisory inquiries, remediation activities, and documentation efforts related to cybersecurity matters.
• Collaborate cross-functionally with Technology, Risk, Compliance, Data Governance, and business teams to support cybersecurity regulatory compliance and operational alignment.
• Educate internal stakeholders on cybersecurity legal risks, regulatory expectations, and best practices to promote a culture of cybersecurity awareness and accountability.

Benefits

• LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more.