Director, Counsel, Privacy & Cybersecurity

About The Position

Requirements

• A law degree and qualification to practice in at least one U.S. state or the ability to qualify.
• 8+ years of legal experience, with a strong focus on privacy, cybersecurity, information security, or technology law.
• Deep understanding of cybersecurity frameworks, standards, and certifications (e.g., NIST CSF, SOC 2, PCI-DSS, ISO 27001).
• Deep understanding of privacy principles, frameworks and laws, with a focus on North American privacy law and regulations
• Experience advising on cybersecurity and privacy issues in complex, regulated environments-preferably in financial services.
• Strong communication skills with the ability to translate technical issues into clear legal guidance and the ability to translate legal guidance into actionable requirements
• Collaborative mindset and ability to work across diverse teams and cultures.
• A proactive, solutions-oriented approach and willingness to challenge the status quo.

Nice To Haves

• CISSP, CIPP, CISM or other relevant cybersecurity or privacy certification.
• Experience with secure and privacy centric software development.
• International legal experience.

Responsibilities

• Provide strategic legal advice on cybersecurity laws, regulations, and frameworks (e.g., NIST, PCI-DSS, SOC 2, ISO 27001, DORA, NIS2), as well as advice on global privacy laws, with a focus on North America
• Draft and refine cybersecurity and privacy policies, risk assessments, and governance frameworks.
• Advise on incident response planning, breach notification obligations, and post-incident reviews.
• Support cybersecurity and privacy -related aspects of contracts, including vendor risk, data security terms, and regulatory compliance.
• Collaborate with business and product counsel to embed security-by-design and privacy-by-design principles across the enterprise.
• Engage with regulators and industry bodies on privacy and cybersecurity initiatives and compliance matters.
• Partner with product, engineering, and business teams to support secure and customer centric development of new technologies and services.
• Monitor emerging cybersecurity and privacy threats, legal developments, and best practices to proactively manage risk.

Benefits

• You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few (https://careers.westernunion.com/global-benefits/).
• Flexible Time off
• Medical, Dental and Life Insurance
• Tuition Assistance Program
• Parental Leave