Director – Cyber Legal Counsel
Location: Whippany
Posted on: June 23, 2025
|
|
|
Job Description:
Barclays have an excellent opportunity for a Cyber Legal Counsel
to join the Cyber Legal team, based in Whippany.
Purpose of role Director, Cyber Legal Counsel’s
role will specifically involve, among other things: Legal and
regulatory risk management support to CISO, CSO, Resilience, and
Technology stakeholders and senior committees; Compliance with
cybersecurity related laws, rules, and regulations; Regulatory
reporting re cybersecurity and technology incidents; Third and
fourth party security issues; Optimizing external legal spend; and
Engaging in industry thought leadership. Essential Skills/Basic
Qualifications: Qualified cyber lawyer with at least extensive
applicable in-house, law firm, or government experience;
Exceptional communication and writing skills; Willingness to work
at least 3 days per week from Barclays’ offices in Whippany, New
Jersey. Desirable skills/Preferred Qualifications: Experience
interpreting and advising on global cybersecurity regulations as
applied to a control environment; Experience advising during
cyber-attack or data breach; and Experience working for or with
government security, intelligence, and/or law enforcement agencies.
About Cyber Legal Barclays’ Cyber Legal Team (“Cyber Legal”) is
part of the Barclays Execution (“BX”) Legal function. Cyber Legal
provides a shared service across the entire organization advising
on all legal and regulatory issues and risks relating to
cybersecurity, with a focus on supporting the Chief Information
Security Office (“CISO”), the Chief Security Office (“CSO”) and its
Joint Operations Centres (“JOC”), and the Operational Resilience
(“Resilience”) function. Cyber Legal partners extensively with
other Barclays Legal teams that include Data Privacy Legal; AI &
Emerging Tech Legal; Financial Crime Legal; Litigation,
Investigations & Enforcement; Commercial, Innovation & Technology
Legal and other specialist Legal colleagues and business coverage
Legal teams. Cyber Legal’s work primarily involves: Incident
Preparedness and Response: Establishing incident response plans,
tri-partite agreements with law firms and cyberforensic vendors;
Socializing and training on practices for limiting regulatory and
litigation exposure from cyberattack; and Supporting day-to-day on
internal and third party cybersecurity and technology incidents,
including w/r/t business impact, data issues, regulatory
notifications and public disclosures. Governance, Risk, &
Compliance: Advising Barclays Chief Information Security Officers
and Resilience leads on governance practices, and emerging legal
and regulatory risks; and Serving as Legal Coverage Leads for Cyber
on bank-wide program for compliance with all applicable
cybersecurity laws, rules, and regulations. Intelligence:
Establishing agreements and maintaining relationships with law
enforcement & industry groups; and Advising on threat intelligence
collection from surface and dark web sources, and sharing to public
and private partners. Public Disclosures: Preparing and socializing
annual and ad hoc cybersecurity and resilience disclosures.
Internal Investigations: Supporting CSO internal investigations
into insider threats, data leakage, physical security threats, and
criminal activity by staff; and Facilitating law enforcement
engagement. Physical Security: Coordinating agreements with law
enforcement; Advising on physical security incidents and bespoke
issues. Third Party Security Risk Management: Advising on security
terms; supporting CISO’s Third Party Security Management team. Red
Team and Penetration Testing: Reviewing and advising on internal
Red Team operations. Crisis Management: Drafting communications,
regulatory notifications; creating and exercising runbooks.
Transactions: Supporting Legal colleagues with interpretation and
negotiation of cybersecurity clauses and related due diligence.
Resilience: Supporting stakeholders efforts toward workforce and
technology recovery planning, Resilience scenario testing,
Resilience by design, and contingent processes; Assessing
requirements for Important Business Services, Resilience Scenario
Testing, Resilience by Design, and Contingent Processes. Education
and Training: Delivering substantive training for security
stakeholders and Legal colleagues. Industry Leadership:
Participating actively in the broader network of in-house cyber
legal counsel. Key Accountabilities The role of Director, Cyber
Legal Counsel will require: Capacity to advise heads of business
and infrastructure teams on sensitive, complex, and strategic legal
and regulatory issues; Expertise regarding the proper treatment of
cybersecurity incidents and issues—whether internal, external,
cross-border, or otherwise—from identification to resolution;
Engagement with regulators and law enforcement; A nuanced
understanding of global cybersecurity legal and regulatory
framework; Ability to anticipate and advise on industry
developments; and A professional manner that is above reproach and
exemplifies Barclays Values. You may be assessed on the key
critical skills relevant for success in the role, such as those
relating to risk and controls, change and transformation, business
acumen, strategic thinking, as well as job-specific technical
skills. This role is located in New York. Minimum Salary: $270,000
Maximum Salary: $330,000 The minimum and maximum salary/rate
information above include only base salary or base hourly rate. It
does not include any other type of compensation or benefits that
may be available. Purpose of the role To help ensure that the
Cyber, Data, IP & Emerging Tech Legal activities are conducted in
compliance with applicable laws and regulations, and to help the
bank manage legal and reputational risks associated with these
activities. Accountabilities Development and implementation of best
practice legal strategies for risk management and compliance. Legal
advice and support to the business on cybersecurity, data privacy,
intellectual property (IP) and emerging tech matters, including
cybersecurity and data privacy incidents, IP protection and
technology deployment. Representation of the bank in legal
proceedings related to cybersecurity, data privacy, IP protection
and emerging tech, such as litigation, arbitration, and regulatory
investigations. Creation and review of legal documents such as data
protection policies, cybersecurity protocols, IP licenses and
emerging tech policies to ensure compliance with applicable laws
and regulations. Legal research and analysis to stay up to date on
changes in laws and regulations that may impact the banks
cybersecurity, data privacy, IP protection and emerging tech
practices. Developing and delivering training programmes to educate
employees on legal and regulatory requirements related to
cybersecurity, data privacy, IP protection and emerging tech.
Pro-active identification, communication, and provision of legal
advice on applicable laws, rules and regulations (LRRs). Keeping up
to date with regards to changes to LRRs in the relevant coverage
area. Ensuring that LRRs are effectively allocated to, and
adequately reflected within, the relevant policies, standards and
controls. Director Expectations To manage a business function,
providing significant input to function wide strategic initiatives.
Contribute to and influence policy and procedures for the function
and plan, manage and consult on multiple complex and critical
strategic projects, which may be business wide They manage the
direction of a large team or sub-function, leading other people
managers and embedding a performance culture aligned to the values
of the business. Or for an individual contributor, they lead
organisation wide projects and act as deep technical expert and
thought leader, identifying new ways of working and collaborating
cross functionally. They will train, guide and coach less
experienced specialists and provide information affecting long term
profits, organisational risks and strategic decisions Provide
expert advice to senior functional management and committees to
influence decisions made outside of own function, offering
significant input to function wide strategic initiatives. Manage,
coordinate and enable resourcing, budgeting and policy creation for
a significant sub-function. Escalates breaches of policies /
procedure appropriately. Foster and guide compliance, ensure
regulations are observed that relevant processes in place to
facilitate adherence. Focus on the external environment,
regulators, or advocacy groups to both monitor and influence on
behalf of Barclays, when appropriate. Demonstrate extensive
knowledge of how the function integrates with the business division
/ Group to achieve the overall business objectives. Maintain broad
and comprehensive knowledge of industry theories and practices
within own discipline alongside up-to-date relevant sector /
functional knowledge, and insight into external market developments
/ initiatives. Use interpretative thinking and advanced analytical
skills to solve problems and design solutions in often complex/
sensitive situations. Exercise management authority to make
significant decisions and certain strategic decisions or
recommendations within own area. Negotiate with and influence
stakeholders at a senior level both internally and externally. Act
as principal contact point for key clients and counterparts in
other functions/ businesses divisions. Mandated as a spokesperson
for the function and business division. All Senior Leaders are
expected to demonstrate a clear set of leadership behaviours to
create an environment for colleagues to thrive and deliver to a
consistently excellent standard. The four LEAD behaviours are: L –
Listen and be authentic, E – Energise and inspire, A – Align across
the enterprise, D – Develop others.
Keywords: , Hamilton , Director – Cyber Legal Counsel, Legal , Whippany, New Jersey
