E*TRADE, a dynamic publicly-traded financial services firm is seeking an Information Security and Data Counsel. The Director, Associate General Counsel will report to the SVP, Bank General Counsel and will be the primary lawyer for the Information Security and Technology teams ensuring compliance with applicable information and cyber security laws and best practices, and advising on enterprise wide data management.
Assist and advise on the Company’s information security risk management, compliance and governance frameworks to ensure that they are consistent with relevant laws and regulations and the Company’s policies, procedures and business goals.
Advise on development and implementation of the Company’s Enterprise Data Management Program and related initiatives.
Provide leadership in the design and evaluation of information security and data management related projects so that business activities are conducted appropriately, including with regard to retention of external vendors and advisors.
Conduct periodic impact assessments in coordination with the organization’s other compliance and operational assessment functions.
Participate as a key stakeholder in the Company’s Incident Response Plan.
Advise on remedial actions concerning information security and data management policies and procedures in collaboration with other stakeholders.
Track and monitor development of legal, regulatory and industry best practices developments and, as warranted, assist and advise in the periodic revision of the information security and data management programs, with a particular focus on regulatory developments and guidance issued by the FFIEC, the Federal Reserve, the OCC, FINRA and the SEC.
Assist in the development of information security and data management training materials to train employees and third parties on the Company’s policies, procedures and data handling practices.
Collaborate with internal audit to with respect to the internal and external information security and data management audit programs.
JD and a minimum of 8 years’ of legal experience within the financial services sector (in-house experience preferred), including substantial experience in information security and data management matters.
Extensive experience in writing policies, procedures and guidance documents, with an exceptional attention to detail.
Highly motivated, self-starter with a demonstrated ability to work independently, and strong analytical, communication and organizational skills.
Excellent interpersonal skills and ability to work in a highly collaborative, team-oriented environment, while demonstrating an ability to influence and drive change.