Senior Counsel - Cyber and Incident Response

About The Position

Requirements

• JD required, with license in good standing to practice law in at least one jurisdiction.
• 8–10 years’ experience in cybersecurity law, incident response, and adjacent disciplines (privacy, data governance, technology, AI).
• Demonstrable expertise working in and with incident response programs, breach notification laws, and global regulatory frameworks.
• Ability to analyze technical facts – including those in forensics and incident reports - and translate them into legal and operational guidance.
• Strong foundation in governance, risk, and compliance with experience leading cross-functional programs.
• Experience working with technology and product teams to implement controls and standards.
• Excellent communication skills—able to distill complexity and present confidently to senior audiences.
• Collaborative mindset and ability to influence without authority across diverse stakeholder groups.
• Experience in global organizations or multi-jurisdictional environments.

Nice To Haves

• Experience with cyber insurance coverages and interactions with cyber insurers.
• Technical skills such as Proficiency in AI and ML fundamentals (e.g., algorithms, model lifecycle, data pipelines).
• Understanding of cloud platforms and infrastructure (Azure, AWS, GCP) and how they support AI workloads.
• Knowledge of software engineering principles (APIs, microservices, version control).
• Certifications such as CIPP/US, CIPP/E, CISSP, or GIAC; experience with cloud security, SaaS environments, or large-scale digital platforms.

Responsibilities

• Strategically enhance the global incident response program, including policies, processes, and communications that ensure timely and comprehensive response.
• Partner with the CISO, global technology, and product teams to translate principles into practical controls and implementation guidance.
• Lead contractual negotiations, risk reviews, and recommend mitigations balancing innovation with accountability for cybersecurity vendors and products.
• Track emerging laws, regulations, and technologies to ensure our governance approach remains forward-looking and globally relevant.
• Advise on breach notification obligations across multiple jurisdictions and regulatory engagement during incidents.
• Support cybersecurity and incident response initiatives in collaboration with global stakeholders—helping the business understand responsibilities and opportunities.
• Engage senior leadership with clear, actionable insights on cyber and related risks, trends, and strategic decisions.
• Work closely with outside counsel, leading forensics firms, and other vendors critical to incident response programs.
• Represent the company in regulatory discussions and industry forums on cybersecurity and risk governance.

Benefits

• Medical, vision, dental and mental health benefits for you and your family, with access to a health care concierge, and Flexible or Health Savings Accounts (FSA or HSA)
• Free concert tickets, generous paid time off including paid holidays, sick time, and personal days
• 401(k) program with company match, stock reimbursement program
• New parent programs including caregiver leave and baby bonuses, plus fertility, adoption, foster, or surrogacy support
• Career and skill development programs with School of Live, tuition reimbursement, and student loan repayment
• Volunteer time off, crowdfunding match