Job description
Job Posting: Cybersecurity & Privacy Counsel
Location: Philadelphia
Position Type: Full-Time
About Us: My client is a leading full-service law firm, known for its commitment to excellence and innovation in providing high-quality legal services. Our firm prides itself on delivering top-tier legal counsel to clients across various industries, with a strong emphasis on technology, data privacy, and cybersecurity. We are seeking an experienced and proactive Cybersecurity & Privacy Counsel to join our growing team and help guide our clients through the increasingly complex and ever-evolving legal landscape of cybersecurity and data privacy.
Job Overview: As a Cybersecurity & Privacy Counsel, you will be a critical part of our firm’s Data Privacy & Security practice group. In this role, you will provide legal advice and support to our clients on a wide range of cybersecurity and privacy matters, including compliance with global data privacy regulations, incident response, risk management, and the development of data protection strategies. You will work closely with other attorneys, clients, and external stakeholders to address complex legal and regulatory challenges in a fast-paced, technology-driven environment.
Key Responsibilities:
- Provide legal counsel to clients on cybersecurity and data privacy matters, including compliance with GDPR, CCPA, HIPAA, and other national and international regulations.
- Advise clients on data protection strategies, risk management, incident response plans, and crisis management during data breaches.
- Assist with drafting, reviewing, and negotiating privacy-related contracts, including data processing agreements, vendor agreements, and cybersecurity clauses.
- Work with clients to develop privacy policies, terms of service, and user agreements in compliance with applicable laws.
- Lead internal investigations and legal responses to data breaches, including advising on breach notification requirements and reporting obligations.
- Stay up-to-date with emerging privacy and cybersecurity laws, regulations, and industry standards.
- Support clients in the implementation and maintenance of cybersecurity frameworks, risk assessments, and audits.
- Represent clients in regulatory investigations, enforcement actions, and litigation related to privacy and cybersecurity issues.
- Develop and deliver client training on data privacy, cybersecurity risks, and legal compliance.
Qualifications:
- J.D. from an accredited law school and admission to the bar in Pennsylvania.
- At least 5+ years of experience practicing law in the areas of cybersecurity, privacy, and data protection.
- Strong understanding of data privacy laws and regulations, including GDPR, CCPA, HIPAA, and other applicable local, national, and international frameworks.
- Experience advising clients on incident response and crisis management related to data breaches and security vulnerabilities.
- Familiarity with key cybersecurity concepts, standards (e.g., NIST, ISO 27001), and technologies.
- Excellent communication skills with the ability to simplify complex legal concepts for clients.
- Strong legal research, drafting, and analytical skills.
- Ability to work independently, as well as collaborate effectively within a team environment.
- Proven ability to manage multiple projects and meet deadlines in a fast-paced environment.
Preferred Qualifications:
- CIPP/US, CIPP/E, or other privacy certifications are a plus.
- Experience in a law firm or corporate legal department with a focus on cybersecurity and data privacy.
- Strong network in the privacy and cybersecurity legal community.
- Prior experience handling regulatory investigations, enforcement actions, and litigation.