Assoc General Counsel III-Privacy/Cybersecurity/RIM

The Legal Division is evolving its capabilities to support the ongoing efforts of our firm to meet our 2030 Ambition. In doing so, we are looking for an attorney who will be responsible for developing and leading certain strategic initiatives, including efforts aimed at reducing and mitigating cybersecurity, data, and technology risks, as well as maturing the privacy program to provide best-in-class support to our technology and business partners.
A successful candidate will seamlessly interface with the wider legal team and have a strong partnership with our data, technology, and business partners to provide practical, strategic legal guidance and design and implement creative solutions to complex enterprise challenges. The position requires the ability to influence other firm leaders, as well as have an aptitude for developing and implementing risk-aware business solutions.
This role will drive collaboration between legal, information security, technology, data, and product teams to enhance consumer trust, mitigate privacy risks, and align privacy practices with business objectives while serving as a key advisor to senior leadership on ethical data use and regulatory trends. The successful candidate will be able to demonstrate forward-thinking, collaborative leadership and drive privacy excellence across the firm while balancing innovation, business growth, and regulatory compliance.
Candidates should be highly motivated and extremely knowledgeable about cybersecurity, data, and privacy laws and regulations, emerging technologies, and information governance program management. Prior experience in cybersecurity law, especially in a highly regulated environment is preferred.
This position will report directly to the firm's Chief Privacy Officer, who leads our organization's Legal-Information & Data Protection team, consisting of both privacy and records and information management professionals.
What you'll do:

• Providing day-to-day thought leadership, legal guidance, and business support for key firm initiatives and strategic imperatives, in particular to support the firm's cybersecurity, information governance, and digital and data functions.
• Identifying and evaluating cybersecurity, information governance, emerging technology, and privacy risks, generally, and design and implement best-in-class, risk-aware strategies and processes to eliminate, mitigate, and control such risks.
• Assisting in the development and management of enterprise-wide procedures to remove or mitigate constraints related to the development of new products and services and to ensure such products and services are developed consistent with firm privacy policies and legal obligations imposed by federal and state laws and regulations.
• Co-creating relevant data and information security strategies to support the firm's business ambitions and influence and lead horizontally (i.e., without direct authority) those strategic initiatives both within and outside the legal division.
• Working closely with the Chief Information Security Officer (CISO) and security teams on data breach preparedness and response.
• Fostering a culture of accountability and transparency, ensuring that privacy remains a core pillar of the firm's innovation and growth strategy.

• Doctor of Jurisprudence (JD) and state bar admission (in good standing).
• Minimum 12 years progressive responsibility in an in-house, regulatory, or law firm environment, with a focus on privacy, and information security, or information governance required, with people leadership preferred.
• Preference for a strong technical background with command of information technology and software utilized data governance and information security functions.
• Aptitude for influencing business leadership and deep knowledge of cybersecurity, data, and privacy principles, industry standards, and best practices.
• Capacity to represent legal perspectives in a large, cross-functional, collaborative environment.
• Strong cross-function collaboration skills and the ability to oversee a large number of ongoing projects.
• Excellent verbal, written communication, and interpersonal skills, with demonstrated ability to influence decisions at senior executive levels of organizations.
• Capacity to work independently, as needed, and collaboratively in a team environment.

• One or more of the following certifications:
  • Certified Information Privacy Professional/United States (CIPP/US) designation from the International Association of Privacy Professionals.
  • Certified Information Systems Security Professional (CISSP) designation from ISC2.
  • Certified Information Security Manager (CISM) or Information Systems Auditor (CISA) designation from ISACA.
  • Information Governance Professional (IGP) from ARMA; or a similar privacy, information security, or information governance certification.

Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.