Cybersecurity and Data Protection Associate General Counsel

Booz Allen Hamilton•McLean, VA

23h•Remote

About The Position

Are you an attorney who is passionate about cybersecurity compliance, information and cloud security, and incident response? Are you looking to combine your legal knowledge with big-picture business thinking to help protect critical operations, enable secure innovation, and deliver enduring value? At Booz Allen, you’ll join a global team of experienced professionals driven to excel and realize values-driven change for our clients, colleagues, and communities. We bring bold thinking to complex challenges across analytics and artificial intelligence, cyber, digital solutions, engineering, and advising, serving industries ranging from defense and national security to health, energy, and international development. In this role, you’ll work closely with leaders across Enterprise Cybersecurity, the Chief Information Office, cloud and technology teams, and business leadership to anticipate compliance needs and develop practical governance structures with agility and action. You’ll establish trusted partnerships across the company and collaborate with fellow members of the Legal, Ethics & Compliance team to help strengthen Booz Allen’s cybersecurity posture while supporting secure cloud deployment, incident response readiness, and evolving business needs. Guided by Booz Allen’s purpose and values, together we’ll anticipate and proactively prepare for the issues we’ll encounter tomorrow. Your work will focus on helping the firm navigate complex compliance, cloud security, and incident response obligations in a highly regulated and government-facing environment. Due to the nature of work performed within this facility, U.S. citizenship is required. Join us. The world can’t wait.

Requirements

7+ years of experience with a law firm or in-house cybersecurity, compliance, cloud, incident response, or data protection
Experience advising on NIST, CMMC, FedRAMP, FAR, or DFARS frameworks and requirements
Experience supporting cybersecurity compliance programs, audits, assessments, or remediation efforts
Experience advising on incident response, investigations, and reporting obligations
Experience counseling on cloud security and technology deployments
Ability to manage multiple priorities in a fast-paced environment
Ability to translate complex legal requirements into practical business guidance
J.D. degree

Nice To Haves

Experience with federal government contracts
Experience with cloud governance or secure system deployment in regulated environments
Experience with privacy, data governance, AI governance, or crisis management
Experience supporting market-facing technology or product teams
Experience working with engineers, security teams, architects, or developers

Responsibilities

Provide legal advice on Booz Allen’s cybersecurity program, including counseling on compliance with key regulatory requirements and frameworks, such as NIST, CMMC, FedRAMP, FAR, and DFARS, as well as advice on secure cloud deployments and related governance.
Partner with Enterprise Cybersecurity to evaluate cybersecurity controls and governance frameworks, including processes related to identity and access management, logging, monitoring, endpoint protection, and vulnerability management.
Provide legal advice on incident response processes, standards, and playbooks and serve as legal advisor for incident response, working closely with related functions on investigations, reporting, and remediation.
Advise on cybersecurity requirements applicable to third party service providers, vendor oversight, and technical integrations.
Counsel on cybersecurity considerations affecting client-facing solutions, products, and other go-to-market activities.
Educate internal stakeholders on cybersecurity legal and compliance risks, regulatory expectations, and best practices.