Position Overview: The organization is seeking an accomplished attorney to lead the cybersecurity/data protection/privacy function and oversee regulatory guidance and requirements applicable to its business. This role reports directly to the General Counsel and is accountable for ensuring adherence to all applicable regulatory requirements and internal policies across multiple jurisdictions, while providing strategic oversight of regulatory risk management and corporate compliance function. The role will serve as a key advisor to the executive leadership team.
Key Responsibilities:Cybersecurity and Privacy Strategy & Framework
- Provide compliance governance and credible challenge for the firm's information security program in partnership with the CISO.
- Own privacy governance and program enterprise wide for non-public personal information (NPI) and other sensitive data, including data classification, retention and disposal, incident response, notification, and least-privilege access expectations. Role will serve as primary privacy officer.
- Partner with the CISO to maintain and periodically test incident response and breach notification playbooks (cybersecurity and privacy). Partner with the CISO and other stakeholders as it relates to response/reporting of any triggered incidents.
- Define and report cybersecurity and privacy compliance metrics to senior management and governance forums partnering with the CISO.
- Lead cybersecurity and privacy risk oversight, including contract controls, ongoing monitoring, and issue remediation.
- Establish compliance requirements and monitoring for electronic communications and recordkeeping technology.
- Own the regulatory and company-monitoring aspects of AI governance.
Regulatory Guidance, Risk Management & Oversight
- Lead companywide compliance annual review, compliance risk assessments, monitoring programs, compliance testing, and surveillance activities to identify, assess, and mitigate regulatory risks.
- Oversee regulatory change management, ensuring timely identification, interpretation, and implementation of new and evolving laws and regulations.
- Ensure organizational compliance with applicable federal, state, and international regulatory requirements.
- Serve as the primary liaison with global regulatory authorities, fostering transparent, proactive, and effective relationships.
- Lead responses to regulatory inquiries, examinations, and audits, ensuring appropriate coordination and timely resolution of findings.
- Partner with senior leadership to communicate key compliance risks, emerging trends, and mitigation strategies.
Compliance Strategy & Framework
- Provide strategic oversight of corporate compliance activities, including security, data privacy, records management, review and approval of third-party agreements, and the preparation and submission of regulatory filings and disclosures, ensuring adherence to requirements applicable to registered investment adviser (RIA) operations.
- Manage corrective action plans and remediation efforts, ensuring timely and effective closure of compliance gaps.
- Evaluate internal controls and recommend enhancements to strengthen the organization's compliance and risk management framework.
- Champion a strong culture of ethics, integrity, and risk awareness across the organization through leadership engagement, communications, and training initiatives
- Assist in the development of company-wide compliance training programs.
Qualifications:- Advanced degree (JD) required.
- 10+ years of experience in data protection, cybersecurity, privacy, compliance and regulatory roles within wealth management or financial services
- Proven experience leading global, cross-functional compliance teams and driving enterprise-wide compliance strategies.
- Deep knowledge of regulatory requirements governing RIAs, including SEC rules, fiduciary standards, and compliance program obligations, along with ERISA knowledge and experience
- Strong strategic thinking , with the ability to align regulatory requirements with business objectives and influence senior stakeholders.
- Exceptional analytical skills, with the ability to interpret complex regulatory environments and translate them into practical, actionable guidance.
- Strong leadership and communication skills, with a proven track record of building, developing, and leading high-performing teams.
What We Offer:We're proud to offer a competitive salary, PTO & paid holidays, 401(k) with match, and more. The base salary range for this position is $195,000 - $300,000. The base salary offered will be determined by factors including, but not limited to, experience, credentials, education, certifications, skill level required for the position, the scope of the position, and geographic location. Actual base salary offered will be determined on a case-by-case basis. In addition to the base salary, this position may be eligible for performance-based incentives.
