We Offer The position will be responsible for legal advisory support in relation to existing and emerging cybersecurity-related privacy and data security matters for Credit Suisse as a senior member of the Global Legal Data Protection & Sourcing team. The position will involve cross-team collaboration within General Counsel and with key business partner groups, including the Group Chief Technology Office (CTO), Chief Information Security Office (CISO), Technology Risk Management (TRM) and Data Protection Officer (DPO) functions.
Job responsibilities include:
Legal advisory role for cybersecurity-related matters, working closely with and supporting a number of business and functional business partners across the organization. This will include assessing and advising upon legal risks under meaningful data protection and cybersecurity laws and regulations, coordinating with colleagues within General Counsel, the Group DPO and other functional groups.
Supporting and collaborating with CTO and CISO colleagues on group policies and procedures to ensure that adequate technical and administrative controls are implemented in compliance with applicable cybersecurity and data protection laws and regulations.
Participating in data security incident legal assessment and responses affecting Credit Suisse with the support of external counsel (where appropriate).
Supporting and collaborating with contract functions, including Sourcing General Counsel colleagues on transactions, by providing advice on global cybersecurity laws and regulations, meaningful policies and position(s), and implications for cybersecurity and data protection safeguards/controls, including training and assisting with creation and updates of contract templates.
Maintaining up-to-date knowledge of global cybersecurity and related data protection laws and regulations, monitoring financial services authority developments, legal enforcement trends, and industry practice trends.
Credit Suisse maintains a Working Flexibility Policy, subject to the terms as set forth in the Credit Suisse United States Employment Handbook.
You have a Juris Doctorate or equivalent is required and a licensed attorney in good standing in at least one US state or another jurisdiction.
You have a minimum of seven years' experience in private practice and/or in-house in a MNC (preferably a financial institution) with shown experience advising on cyber security and privacy laws and regulations in multiple jurisdictions (including, but not limited to, NIST, ISO, SEC Cybersecurity Mentorship, Gramm-Leach Bliley Act, US HIPAA, HITECH, and EU GDPR). Litigation experience preferable.
You have deep understanding of technical concepts and creative tools and resources that may impact cybersecurity and data protection such as controls within data lakes, AI and machine learning.
You have proven ability and to draft, analyze and advise in a dedicated and effective manner in relation to complex data protection and cyber security projects and arrangements across different client and functional groups and at various levels within the bank.
You combine a keen to detail, structured and goal-oriented working style with a conceptual and analytical way of thinking, which allow you to advise in a creative and pragmatic manner in response to complex and meaningful problems whilst at the same time applying a high ethical and control standards.
You are able to work independently under time pressures in a fast-paced and continually evolving legal and regulatory environment with a strong ability to handle multiple tasks and projects concurrently, effectively prioritizing in real time, to ensure maximum effectiveness and value to the bank.
Internal Number: 5843739
About Credit Suisse -
eFinancialCareers is a career site specializing in financial services.