Overview
Cyber / Security / DORA Legal Consultant - Contract Review EMEA - URGENT!
My client, a leading giant in the world of banking and payments technology, is looking to hire for its UK / Ireland office.
Responsibilities
* Reviewing contracts in the EMEA region. Interface with counterparts in client and vendor organizations to ensure our clients' Cybersecurity requirements are upheld.
Personal Responsibilities
* Work closely with internal teams to explain complex legal concepts in straightforward, accessible terms, ensuring everyone understands their roles and responsibilities within the context of cybersecurity contracts.
* Collaborate with our clients Relationship Managers to facilitate clear communication, address contractual matters, and support the alignment of legal requirements with business objectives.
* Engage directly with clients and client attorneys to clarify contractual language, resolve legal questions, and foster productive relationships that support mutual understanding and successful outcomes.
Skills / Technical
* Establishing Scope: Clarity about the scope of services, technologies used, and the parties’ respective responsibilities is achieved through detailed technical descriptions within the contract.
* Specifying Security Requirements: Contracts often stipulate compliance with standards like ISO/IEC 27001, NIST Cybersecurity Framework, or PCI DSS. Attorneys must understand these frameworks to appropriately reference them and interpret obligations.
* Mandating Security Controls: Detailed requirements may include network segmentation, endpoint protection, regular penetration testing, or use of specific encryption algorithms.
* Incident Response Procedures: Outlining steps for responding to cyber incidents, including identification, containment, notification, and remediation, and assigning roles and responsibilities for each phase.
* Data Handling Provisions: Attorneys draft clauses dictating how data will be collected, stored, processed, transferred, and deleted, often referencing technical mechanisms like anonymization or pseudonymization.
* Cross-border Data Transfers: Ensuring compliance with international transfer mechanisms such as Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions.
* Privacy by Design: Embedding privacy considerations into contracts by requiring service providers to implement privacy-enhancing technologies from the outset.
Seniority level
* Mid-Senior level
Employment type
* Contract
Job function
* Information Technology and Legal
* Industries: Financial Services, Banking, and Information Services
#J-18808-Ljbffr