Director General Counsel, Information Security And Privacy

The Options Clearing Corporation Chicago , IL 60602

Posted 2 months ago

Job Details:

Director, General Counsel, Information Security and Privacy will provide legal advice on routine and complex business matters to internal clients and assist in managing legal risks faced by Corporation relating to privacy and information governance.

  • Serve as main point of contact for the provision of legal services to the information technology department and the security services group of the enterprise risk management department.

  • Act as subject matter expert for the legal function by providing specialized legal and regulatory advice to internal clients on a variety of matters, with an emphasis in the areas of information technology, cybersecurity, information governance, and privacy.

  • Assist the Company in preparing for examinations by

  • Monitor proposed legislation, and ensure the Company is apprised of legal developments in matters concerning information security and governance, privacy, and business continuity.

  • Be familiar with and advise internal clients on specific regulations applicable to OCC, including the SEC's Regulation Systems Compliance and Integrity (Reg. SCI) and the CFTC's Systems Safeguards, and any legal developments in matters concerning information security and governance, privacy, and business continuity.

  • Work on Corporation projects, which include, but are not limited to, researching and advising internal clients on legal and regulatory issues associated with privacy, data loss prevention, cyber-security, records management, and information governance; support regulatory inspections of company technology systems.

  • Advise internal clients on compliance with respect to applicable laws affecting privacy, records management, data and information security, and interpret OCC's By-laws and Rules and policies and procedures thereunder.

  • Develop and provide in-house training and education on regulatory and legal issues pertaining to: information technology ad governance, cybersecurity, data loss prevention, records management, and privacy.

  • Assist with general litigation matters, including the administration of legal holds and general discovery, as well as, enforcement actions relative to OCC's By-laws and Rules.

  • Review, draft, and provide advice regarding policies, procedures, memoranda and business communications relative to the foregoing and other areas on an as needed basis.

  • Interface with outside counsel, as needed, with respect to matters described above.

  • Manage medium to high complexity matters with a significant degree of independence.

  • Perform other duties as required.

Qualifications/Education:

  • Experience in one or more of the following areas: information security, privacy, cyber-security, information governance, litigation, records management, and e-discovery.

  • Knowledge and familiarity with laws, rules, regulations, and industry standards concerning one or more the above-mentioned practice areas, including but not limited to knowledge of Regulation SCI.

  • Experience working with regulated financial institutions or, alternatively, experience in software or other technology companies.

  • Ability to communicative effectively with security and risk professionals, engineers, software developers, product development, Human Resources, and other teams.

  • Strong writing, analytical, and communication skills.

  • Ability to communicate effectively with both non-technical and highly technical individuals across different departments.

  • Well-organized and capable of managing several significant assignments at the same time.

  • Ability to work independently, and quickly shift priorities in response to changing business environment.

  • Comprehensive analytical, conceptual, and problem solving skills.

  • Ability to work collaboratively with internal business clients from different departments and at various levels of seniority as well as outside counsel.

  • Ability to promptly produce high-quality, detailed work product.

  • Excellent written and oral communication skills.

  • Excellent client management skills.

  • Juris Doctor or equivalent degree from a law school accredited by the American Bar Association.

  • 7-10 years of related experience either at a law firm or in-house.

  • Degree from accredited college or university

  • Admitted to practice law in Illinois or Texas

Step 1

When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume. Step 2

You will receive an email notification to confirm that we've received your application.Step 3

If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. For more information about OCC, please click hereOCC is an Equal Opportunity Employer


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Privacy Manager

Inteliquent

Posted 1 week ago

VIEW JOBS 11/4/2018 12:00:00 AM 2019-02-02T00:00 The Challenge Every day, Inteliquent completes millions of phone calls and text messages for the biggest telecommunication companies in the United States. Wireless carriers, cable companies, CLECs and broadband service providers depend on the quality, reach and reliability of the Inteliquent network to deliver more than 17 billion minutes of voice traffic per month. This position will play an integral role in variousCyber Security and Data Privacy Programs in safeguarding information assets, systems and network as well as contributing to the company's growth forward with Information Security and Privacy aspects including GDPR. Our Information Security Programs are based on international standards and sponsored by executive decision makers. This is a great opportunity for a successful candidate who is passionate about information security especially in risk management. What you do * Strategic * Contribute to the improvement of Inteliquent's strategy to enhance Cybersecurity and Data Privacy control, Assurance and Compliance capabilities. * Support the Cybersecurity agenda within Inteliquent, including driving business/functional stakeholder engagement. * Cybersecurity Leadership * Advocate best practices and Cybersecurity awareness to improve Inteliquent security program maturity, both culturally and technically. * Provide coaching and mentoring for employees and contractors, maturing Cybersecurity awareness, best practices and Secure development expectations. * Lead efforts in implementing and managing ISMS, Privacy Shield and GDPR. * Risk Management * Provide continual improvement in security and privacy programs and dynamically enhance People, Process and Technology towards Cyber Resiliency. * Oversee and provide SME hands-on contributions in the areas of security and privacy risk management * Work with cross-functional teams to appropriately mitigate risks timely. * Policy Management * Provide SME contribution in the areas of security and privacy plans, policies, standards and procedures such as Written Information Security Program (WISP) Cyber IRP, DDoS Playbook, GDPR, Privacy Shield, Vendor Management, Vulnerability and Patch Procedures, BCPs, etc. * Security Awareness * Promote awareness and advocate Security & Data Privacy throughout the company * Manage and improveEmployee Security Awareness program. * Compliance * GDPR, Privacy Shield * ISO 27001, 27002, 22301 * SSAE 16/18 SOC 2/3 * Other * Security administrative duties * Exception management. What you'll need to succeed Education & experience * BS or MS degree in related discipline * 5 or more years of progressive hands-on experience in security including policy development and risk management * 1 or more years of experience in data privacy compliance * Proficient expertise in developing and implementing various risk management models, tools, and metrics. Ability to collect, evaluate, and summarize risk data into a company risk profile, and recommend risk reduction program priorities. * Auditing or Implementing experience in at least two of GDPR, NIST Cybersecurity framework (CSF), ISO 27001/27002/22301, SSAE 16 SOC 2/3, Privacy Shield or EU-US Safe Harbor * At least two security certifications such as CISSP, CRISC, CISM, ISSMP, GIAC, CIPM, CIPP/US, CBCM or CEH. * Hands-on Microsoft Office, Online meeting and other business tools * Reasonable understanding of Operating Systems, Network, DNS, Databases, Cyber Threats. Attributes * Self-driver, persistent and confident for preparing an organization to become cyber resilience. * Excellent organization skills and ability to multi-task with can-do attitude. * Ability to be flexible, proactive, and to comprehend quickly. * Excellent written and oral communication skills. * High level of initiative and resourcefulness. * Operate with a considerable degree of credibility and business sense. * Must be able to write and talk in security policy language. Preferred Experience * Auditor or Implementor for Security and Privacy Compliance * FedRAMP, CJIS * A technical background The awesome sauce Our most successful stars are committed to continuous improvement; check out our core competencies: * Competitive "All-In" * Customer-Focused * Data Driven * Innovative * Integrity/Credibility * Intellectual Curiosity Your success defined * Your passion in Data Privacy, Security and Compliance, Information Security as a business enabling function * Strong analytical ability with the capability to determine the root cause of problems and issues and provide solutions * Ability to work and lead effectively as part of a team * Demonstrate success in building and nurturing long-term business relationships without compromising security and data privacy. This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time. Onvoy is an Affirmative Action and Equal Opportunity Employer Inteliquent Chicago IL

Director General Counsel, Information Security And Privacy

The Options Clearing Corporation