OverviewCyber / Security / DORA Legal Consultant - Contract Review EMEA - URGENT!My client, a leading giant in the world of banking and payments technology, is looking to hire the above in their UK / Ireland office.ResponsibilitiesReviewing contracts in the EMEA region. Interface with counterparts in client and vendor organizations to ensure our clients' cybersecurity requirements are upheld.Information Technology Fundamentals: Grasping the basics of computer networks, systems architecture, software development lifecycles, and cloud computing enables attorneys to understand the underlying technologies referenced in cyber contracts.Cybersecurity Principles: Familiarity with concepts such as encryption, authentication, access control, incident response, and vulnerability management is essential for evaluating security-related clauses and obligations.Legal Frameworks: Comprehensive understanding of national and international legal regimes governing data security, privacy (e.g., GDPR, DORA), and electronic transactions.Skills/TechnicalEstablishing Scope: Clarity about the scope of services, technologies used, and the parties’ respective responsibilities is achieved through detailed technical descriptions within the contract.Specifying Security Requirements: Contracts often stipulate compliance with standards like ISO/IEC 27001, NIST Cybersecurity Framework, or PCI DSS. Attorneys must understand these frameworks to appropriately reference them and interpret obligations.Mandating Security Controls: Detailed requirements may include network segmentation, endpoint protection, regular penetration testing, or use of specific encryption algorithms.Incident Response Procedures: Outlining steps for responding to cyber incidents, including identification, containment, notification, and remediation, and assigning roles and responsibilities for each phase.Data Handling Provisions: Attorneys draft clauses dictating how data will be collected, stored, processed, transferred, and deleted, often referencing technical mechanisms like anonymization or pseudonymization.Cross-border Data Transfers: Ensuring compliance with international transfer mechanisms such as Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions.Privacy by Design: Embedding privacy considerations into contracts by requiring service providers to implement privacy-enhancing technologies from the outset.Seniority levelMid-Senior levelEmployment typeContractJob functionInformation Technology and LegalIndustriesFinancial Services, Banking, and Information Services
#J-18808-Ljbffr