TRU Staffing Partners
Senior Counsel, Cybersecurity, Data Litigation, and Data Risk
TRU Staffing Partners, Washington, District of Columbia, us, 20022
Our client, a global automotive leader, is seeking an experienced Senior Counsel, Cybersecurity, Data Litigation, and Data Risk to take on a critical role within its legal team. This position is designed to address a range of evolving legal and technical challenges, including cybersecurity compliance, data breach response, litigation strategy, and collaboration with information security on audits and risk assessments. The ideal candidate will have a solid foundation in cyber and privacy law—with a focus on cyber—combined with technical fluency around data architecture, cloud security, and regulatory frameworks like ISO 27001. This role will work closely with legal and IT leadership and offers the opportunity to help shape how the company manages and protects sensitive information. The position is a hybrid role, requiring three days per week in office in either DC, Detroit, or Chattanooga.
Role Responsibilities :
Oversees legal advice to the Company and provides day-to-day counsel on matters and projects related to areas of expertise (Cybersecurity and Data Risk - 50%) Serves as Chief Information Security Officer’s primary legal advisor and lead lawyer supporting the Cybersecurity team Provides cybersecurity legal advice and compliance support on state, federal, and international laws (UNECE, cyber and data breach legislation, Automated Vehicle legislation, CISA regulations, state “right to repair” laws, etc.) and assists business units in mapping legal frameworks to cybersecurity standards and procedures Advises on responses to international, federal, and state governmental and other external inquiries regarding cybersecurity practices Provides legal support for cybersecurity vendor and application risk management, the information security management system, product development, product regulatory teams, and the Car Security Board, developing new processes and procedures as appropriate Leads tabletop exercises in conjunction with cybersecurity and business Supports cybersecurity and privacy audits and regulatory inquiries Focuses on and advances enterprise-wide compliance with global cybersecurity regulatory requirements, developing new processes and procedures as appropriate Legal support for cybersecurity contract negotiations Participates in industry cybersecurity legal working groups on behalf of the company Provides backup support to privacy legal team as needed, offering privacy legal advice and risk assessments Oversees legal advice to the Company and provides day-to-day counsel on matters and projects related to areas of expertise (Incident Response, Data Litigation, and E-Discovery - 40%) Leads privacy incident response team, advising on incident response, working with internal teams to understand exposures, advising on disclosures, and collaborating with outside counsel, vendors, law enforcement, and other company entities as necessary Manages privacy, cybersecurity, and related data litigation claims, litigation, and regulatory investigations: formulating strategies, assisting with briefs, motions, court pleadings, coordinating witnesses, managing discovery, and other activities Supports the company’s eDiscovery team by providing strategic direction, review, and commentary on legal topics related to eDiscovery and records management, including compliance with procedural rules, statutes, and cross-border laws Assists all OGC case teams in developing eDiscovery strategies aligned with company policies and best practices Supports IT in building and maintaining legally compliant preservation and collection processes Advises on legal risks associated with technology implementation and configuration Supports records management and defensible disposition projects Serves as primary attorney handling subpoenas, warrants, and law enforcement requests Training and Processes (10%)
Attends industry and legal seminars to stay current on laws and regulations Conducts training for business units in relevant legal areas Designs and implements procedures and documentation for responsibilities and activities Qualifications - External
Years of Relevant Experience : Significant experience in law firm, corporate legal department, or equivalent, focusing on cybersecurity, litigation, and privacy law Education - Required : Bachelor’s and Law Degrees from top-tier institutions Membership in good standing in the State Bar of Virginia or another US state, with ability to operate with a Virginia corporate counsel certificate Education - Desired : IAPP certifications (CIPP-US, CIPM, CIPT) Certified Information Systems Security Professional (CISSP) Skills : Sound professional judgment Strong communication skills Ability to analyze legal issues in a business context with a solution-oriented approach Fostering partnership between legal and business units Excellent drafting and communication abilities Client handling skills Attention to detail and organizational skills Negotiation and persuasion skills Presentation skills Resource and people management skills Specialized Skills - Required :
Extensive experience as an attorney and litigator in law firms, regulatory agencies, or in-house roles, related to the topics in this description Experience managing attorneys and legal professionals on cross-disciplinary issues Proven ability to advocate and present to senior executives Quick learner of various legal issues Cybersecurity legal advice experience supporting information security and product development teams Managing privacy and legal aspects of cybersecurity incidents Handling litigation, claims, and regulatory inquiries Knowledge of data privacy laws (GDPR, CCPA, FTC, TCPA, breach notification practices) Experience drafting and negotiating data licenses and privacy/security contracts Managing and advising on eDiscovery within litigation Additional Skills :
Automotive industry experience Strong technical background in cybersecurity, data, and IT infrastructure Supporting privacy by design reviews in product development Advising on privacy compliance and governance in AdTech Experience with global privacy laws and operationalizing privacy compliance German language skills Expected salary for this exempt role is $200,000 - $215,000, commensurate with experience and qualifications.
#J-18808-Ljbffr
Oversees legal advice to the Company and provides day-to-day counsel on matters and projects related to areas of expertise (Cybersecurity and Data Risk - 50%) Serves as Chief Information Security Officer’s primary legal advisor and lead lawyer supporting the Cybersecurity team Provides cybersecurity legal advice and compliance support on state, federal, and international laws (UNECE, cyber and data breach legislation, Automated Vehicle legislation, CISA regulations, state “right to repair” laws, etc.) and assists business units in mapping legal frameworks to cybersecurity standards and procedures Advises on responses to international, federal, and state governmental and other external inquiries regarding cybersecurity practices Provides legal support for cybersecurity vendor and application risk management, the information security management system, product development, product regulatory teams, and the Car Security Board, developing new processes and procedures as appropriate Leads tabletop exercises in conjunction with cybersecurity and business Supports cybersecurity and privacy audits and regulatory inquiries Focuses on and advances enterprise-wide compliance with global cybersecurity regulatory requirements, developing new processes and procedures as appropriate Legal support for cybersecurity contract negotiations Participates in industry cybersecurity legal working groups on behalf of the company Provides backup support to privacy legal team as needed, offering privacy legal advice and risk assessments Oversees legal advice to the Company and provides day-to-day counsel on matters and projects related to areas of expertise (Incident Response, Data Litigation, and E-Discovery - 40%) Leads privacy incident response team, advising on incident response, working with internal teams to understand exposures, advising on disclosures, and collaborating with outside counsel, vendors, law enforcement, and other company entities as necessary Manages privacy, cybersecurity, and related data litigation claims, litigation, and regulatory investigations: formulating strategies, assisting with briefs, motions, court pleadings, coordinating witnesses, managing discovery, and other activities Supports the company’s eDiscovery team by providing strategic direction, review, and commentary on legal topics related to eDiscovery and records management, including compliance with procedural rules, statutes, and cross-border laws Assists all OGC case teams in developing eDiscovery strategies aligned with company policies and best practices Supports IT in building and maintaining legally compliant preservation and collection processes Advises on legal risks associated with technology implementation and configuration Supports records management and defensible disposition projects Serves as primary attorney handling subpoenas, warrants, and law enforcement requests Training and Processes (10%)
Attends industry and legal seminars to stay current on laws and regulations Conducts training for business units in relevant legal areas Designs and implements procedures and documentation for responsibilities and activities Qualifications - External
Years of Relevant Experience : Significant experience in law firm, corporate legal department, or equivalent, focusing on cybersecurity, litigation, and privacy law Education - Required : Bachelor’s and Law Degrees from top-tier institutions Membership in good standing in the State Bar of Virginia or another US state, with ability to operate with a Virginia corporate counsel certificate Education - Desired : IAPP certifications (CIPP-US, CIPM, CIPT) Certified Information Systems Security Professional (CISSP) Skills : Sound professional judgment Strong communication skills Ability to analyze legal issues in a business context with a solution-oriented approach Fostering partnership between legal and business units Excellent drafting and communication abilities Client handling skills Attention to detail and organizational skills Negotiation and persuasion skills Presentation skills Resource and people management skills Specialized Skills - Required :
Extensive experience as an attorney and litigator in law firms, regulatory agencies, or in-house roles, related to the topics in this description Experience managing attorneys and legal professionals on cross-disciplinary issues Proven ability to advocate and present to senior executives Quick learner of various legal issues Cybersecurity legal advice experience supporting information security and product development teams Managing privacy and legal aspects of cybersecurity incidents Handling litigation, claims, and regulatory inquiries Knowledge of data privacy laws (GDPR, CCPA, FTC, TCPA, breach notification practices) Experience drafting and negotiating data licenses and privacy/security contracts Managing and advising on eDiscovery within litigation Additional Skills :
Automotive industry experience Strong technical background in cybersecurity, data, and IT infrastructure Supporting privacy by design reviews in product development Advising on privacy compliance and governance in AdTech Experience with global privacy laws and operationalizing privacy compliance German language skills Expected salary for this exempt role is $200,000 - $215,000, commensurate with experience and qualifications.
#J-18808-Ljbffr