Privacy and Cybersecurity Associate Attorney

A law firm in Austin, TX is seeking a Privacy and Cybersecurity Associate Attorney to join their team. This role involves leading projects, interfacing directly with clients, and developing comprehensive compliance programs. The ideal candidate will have 3-5 years of practical experience in data privacy counseling, with a focus on implementing state privacy laws and addressing compliance in sectors such as financial and health/life sciences.

Duties:

• Lead privacy and cybersecurity projects and interface directly with clients.
• Conduct compliance gap assessments and develop comprehensive compliance programs.
• Draft and review privacy policies, procedures, and guidance, including data subject request (DSR) procedures, incident response plans, and incident response tabletop exercises.
• Develop contracting templates and playbooks, and provide advice on data sales/sharing and targeted advertising.
• Provide practical advice on state privacy laws (e.g., CCPA, WA MHMD) and adtech regulations (e.g., TCPA, CAN-SPAM, DAA/NAI/IAB self-regulatory rules).
• Assist clients in determining priorities, managing risks, and implementing compliance programs.
• Offer specialized advice for sectors such as financial services and health/life sciences, including experience with GLBA, CalFIPA, FCRA, HIPAA, and state health privacy laws.
• Manage matters independently or significant segments of large/complex matters, ensuring projects are pushed to completion.
• Collaborate effectively within a team and maintain a collaborative, congenial work environment.

Requirements:

• 3-5 years of practical data privacy counseling experience.
• Specific experience with state privacy laws and adtech regulations is required.
• Strong preference for experience with the financial and health/life sciences sectors and relevant regulations.
• Excellent organizational skills and attention to detail.
• Strong verbal and written communication abilities.
• Ability to prioritize workload and manage competing demands.
• Proven ability to work under pressure and provide practical advice based on risks.
• Experience in large law firms is required; boutique specialists may be considered.
• Certified Information Privacy Professional certifications (CIPP-US, CIPT, CIPM) are preferred but not mandatory.
• Must be admitted to practice in the jurisdiction.

Education:

• Juris Doctor (JD) degree from an accredited law school.

Certifications:

• Certified Information Privacy Professional (CIPP-US, CIPT, CIPM) preferred but not mandatory.

Skills:

• Strong organizational and detail-oriented skills.
• Excellent verbal and written communication skills.
• Ability to independently manage projects and complex matters.
• Collaborative approach with a capacity to work well in a team environment.
• Strong judgment and practical problem-solving abilities in data privacy and cybersecurity issues.