Cybersecurity Counsel

This organization is seeking a Cybersecurity Counsel to join its Legal team, reporting to the Global Privacy Lead. This role involves providing expert legal advice on cybersecurity risks and compliance with global cybersecurity laws, enhancing incident detection and response, and supporting data privacy incident responses. The counsel will also guide regulatory audits, contribute to the global privacy program, and stay updated on data security laws and technological developments to ensure a unified approach to data protection and responsible AI governance.

Must Have

• Provide legal advice on cybersecurity risks and compliance
• Improve incident detection and response processes
• Support cybersecurity investigations and data privacy incidents
• Guide security audits
• Enhance global privacy program
• Stay updated on data security laws and tech developments
• Juris Doctor and active state bar membership
• 7+ years experience in cybersecurity legal practice
• Expertise in global privacy and cybersecurity laws (GLBA, SEC, NYDFS, GDPR, DORA, AI Act)
• Experience in legal negotiation, drafting, and policy updates

Perks & Benefits

• Remote work
• Medical insurance
• Flexible time off
• Retirement savings plans
• Modern family planning

One company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams — People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more — provide support and guidance at the corporate level. They work across business groups and around the globe, spanning time zones and disciplines to develop inclusive People policies, forecast finances, give legal counsel, safeguard systems, nurture new initiatives, and more. Every challenge creates possibilities, and we need different perspectives to see them all. Bring yours to this organization.

The Role

We are looking for an attorney for the Legal team, focusing on cybersecurity, to help us support this organization's purpose of economic empowerment. Reporting into our Global Privacy Lead, you will support a best-in-class cybersecurity legal function and be at the forefront of privacy, AI, and data protection issues. If you're ready to take on the challenge of shaping the future of privacy in a leading technology company, we want to hear from you.

You Will

• Provide expert legal advice to our teams as it relates to managing cybersecurity risks and compliance with global cybersecurity laws and regulations.
• Build and improve incident detection and response processes.
• Provide support and counsel during cybersecurity-related investigations and the response to data privacy incidents, including breach notification and mitigation strategies, to minimize impact and maintain trust.
• Provide legal guidance on regulatory, third-party, and internal security audits, and work with teams to scope and perform periodic security hygiene assessments, mitigation and remediation.
• Help enhance the global privacy program, including privacy operations and documentation, employee training on data privacy and security obligations, promoting a culture of awareness and compliance throughout the organization, policy enforcement, privacy compliance program monitoring and auditing, and third-party risk assessment.
• Collaborate with the global legal team to align security and privacy practices across the organization, ensuring a unified approach to data protection.
• Remain up-to-date on relevant data security laws and regulations, industry approaches to privacy program management, and on privacy and security technological developments, threat vectors, and evolving industry standards to provide solutions to complex issues.
• Help prepare board and executive presentations, regulatory filings, and other legal disclosures to ensure accuracy and completeness of cybersecurity representations.
• Support global AI governance, helping the business teams continue innovating responsibly.

You Have

• Juris Doctor and active membership in at least one state bar
• 7+ years of experience as a practicing attorney in a law firm, government agency, or in-house legal team, with a substantial number of those years focused on cybersecurity and incident response.
• Subject matter expertise regarding global privacy and cybersecurity laws and regulations (including, among others, U.S. state laws and international data protection frameworks, GLBA, SEC, and NYDFS cybersecurity requirements, and the EU's GDPR, DORA, and AI Act).
• Strategic vision and ability to spot issues and communicate complex legal issues to a variety of legal and non-legal partners across the organization.
• Experience negotiating, drafting, and updating documents and policies.

We're working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. This organization is an equal opportunity employer evaluating all employees and job applicants without regard to identity or any legally protected class. We will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and “fair chance” ordinances.

We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. Want to learn more about what we're doing to build a workplace that is fair and square? Check out our I+D page

.

While there is no specific deadline to apply for this role, U.S. roles are typically open for an average of 55 days before being filled by a successful candidate. Please refer to the date listed at the top of this job page for when this role was first posted.

This organization takes a market-based approach to pay, and pay may vary depending on your location. U.S. locations are categorized into one of four zones based on a cost of labor index for that geographic area. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.

To find a location’s zone designation, please refer to this resource

. If a location of interest is not listed, please speak with a recruiter for additional information.

Zone A:

$217,800—$326,800 USD

Zone B:

$202,600—$303,800 USD

Zone C:

$191,700—$287,500 USD

Zone D:

$185,200—$277,800 USD

Use of AI in Our Hiring Process

We may use automated AI tools to evaluate job applications for efficiency and consistency. These tools comply with local regulations, including bias audits, and we handle all personal data in accordance with state and local privacy laws.

Contact us at privacy@block.xyz

with hiring practice or data usage questions.

Every benefit we offer is designed with one goal: empowering you to do the best work of your career while building the life you want. Remote work, medical insurance, flexible time off, retirement savings plans, and modern family planning are just some of our offering. Check out our other benefits.

_