Information & Cyber Security Attorney

About The Position

Requirements

• Strong understanding of information security risk assessment, risk management, and governance to effectively advise on legal and regulatory risk and control alignment.
• Demonstrated experience with industry frameworks and standards such as NIST Cybersecurity Framework, SSAE 16, PCI, and ISO 27001/27002, and how these are applied within regulated environments.
• Juris Doctor (JD) degree with 4–6 years of experience practicing law, preferably within a financial services, insurance, technology, or highly regulated environment.
• Proven ability to build strong relationships and effectively collaborate with peers, business leaders, and legal stakeholders at all levels of the organization.
• Knowledge of information security and cybersecurity governance models and control frameworks
• Ability to interpret and apply regulatory requirements to cybersecurity and technology operations
• Experience supporting security audits, regulatory engagements, and contractual security obligations

Responsibilities

• Review, draft, and negotiate security‑related provisions in contracts with TransUnion vendors and other third parties.
• Advise Global Information Security and Global Technology teams on domestic and international laws, regulations, and standards impacting security operations.
• Partner with cross‑functional teams, including senior business and legal stakeholders, to provide cybersecurity and information security legal guidance supporting operations and new initiatives.
• Collaborate with Tech Risk Governance, Insider Threat, Vulnerability Management, and Incident Response teams to assess, manage, and resolve security risks, threats, and vulnerabilities.
• Support TransUnion’s Global Compliance team on security audits, regulatory examinations, and related compliance matters.
• Monitor and advise on changes in laws, regulations, and industry standards that may impact TransUnion’s short‑ and long‑term security and business strategy.
• Provide clear, practical guidance to senior leaders, including the General Counsel, on cybersecurity‑related legal and risk considerations.

Benefits

• Day-one eligibility for medical, dental, and vision coverage
• Supplemental plan options
• Spousal, domestic partner, and other eligible dependent coverage is available on select plans.
• Tax‑advantaged HSA and FSA accounts to make everyday care more affordable.
• Company‑paid basic life and AD&D
• Optional voluntary life and AD&D for you and your family
• Short‑ and long‑term disability
• Legal plan
• Pet insurance
• Travel accident coverage
• Adoption assistance
• Fertility planning coverage
• Caregiver support
• Access Dependent Care FSA for possibility of an employer match
• Complimentary Care@Work membership
• Up to 12 weeks of paid parental leave with eligibility for a thoughtful, gradual return.
• 401(k) with employer match
• Employee Stock Purchase Plan (ESPP)
• Financial wellness resources
• Career coaching
• Optional long‑term care insurance
• Tuition reimbursement
• Flexible time off for exempt employees or paid time off for nonexempt employees
• Up to 12 paid holidays per year
• Commuter benefits
• Employee discounts
• Charitable gift matching
• Paid volunteer time off
• Corporate volunteer events
• 24/7 support including professional therapy, coaching, and emotional well‑being programs alongside guided meditation and resources that support physical, mental, social, and financial wellness.