Data Security & Compliance Counsel

About The Position

Requirements

• Advanced degree (JD) required.
• 10+ years of experience in data protection, cybersecurity, privacy, compliance and regulatory roles within wealth management or financial services.
• Proven experience leading global, cross-functional compliance teams and driving enterprise-wide compliance strategies.
• Deep knowledge of regulatory requirements governing RIAs, including SEC rules, fiduciary standards, and compliance program obligations, along with ERISA knowledge and experience.
• Strong strategic thinking, with the ability to align regulatory requirements with business objectives and influence senior stakeholders.
• Exceptional analytical skills, with the ability to interpret complex regulatory environments and translate them into practical, actionable guidance.
• Strong leadership and communication skills, with a proven track record of building, developing, and leading high-performing teams.

Responsibilities

• Provide compliance governance and credible challenge for the firm’s information security program in partnership with the CISO.
• Own privacy governance and program enterprise wide for non-public personal information (NPI) and other sensitive data, including data classification, retention and disposal, incident response, notification, and least-privilege access expectations. Role will serve as primary privacy officer.
• Partner with the CISO to maintain and periodically test incident response and breach notification playbooks (cybersecurity and privacy).
• Partner with the CISO and other stakeholders as it relates to response/reporting of any triggered incidents.
• Define and report cybersecurity and privacy compliance metrics to senior management and governance forums partnering with the CISO.
• Lead cybersecurity and privacy risk oversight, including contract controls, ongoing monitoring, and issue remediation.
• Establish compliance requirements and monitoring for electronic communications and recordkeeping technology.
• Own the regulatory and company-monitoring aspects of AI governance.
• Lead companywide compliance annual review, compliance risk assessments, monitoring programs, compliance testing, and surveillance activities to identify, assess, and mitigate regulatory risks.
• Oversee regulatory change management, ensuring timely identification, interpretation, and implementation of new and evolving laws and regulations.
• Ensure organizational compliance with applicable federal, state, and international regulatory requirements.
• Serve as the primary liaison with global regulatory authorities, fostering transparent, proactive, and effective relationships.
• Lead responses to regulatory inquiries, examinations, and audits, ensuring appropriate coordination and timely resolution of findings.
• Partner with senior leadership to communicate key compliance risks, emerging trends, and mitigation strategies.
• Provide strategic oversight of corporate compliance activities, including security, data privacy, records management, review and approval of third-party agreements, and the preparation and submission of regulatory filings and disclosures, ensuring adherence to requirements applicable to registered investment adviser (RIA) operations.
• Manage corrective action plans and remediation efforts, ensuring timely and effective closure of compliance gaps.
• Evaluate internal controls and recommend enhancements to strengthen the organization’s compliance and risk management framework.
• Champion a strong culture of ethics, integrity, and risk awareness across the organization through leadership engagement, communications, and training initiatives.
• Assist in the development of company-wide compliance training programs.

Benefits

• competitive salary
• PTO & paid holidays
• 401(k) with match