Principal Lawyer – Cyber Security

Requirements of the role

The Information Commissioner’s Office (ICO) is the independent regulator of information rights. In a data-driven world, we provide advice, guidance, and support to organisations enabling compliance with their obligations, as well as protecting individuals and their personal data. We are also a competent authority under the Network and Information Systems (NIS) Regulations 2018, which sets out security requirements for a range of organisations.

As an employer, we are passionate about making a positive difference to the lives and careers of our people, and we empower you to be curious, impactful, collaborative and respectful.

The post holder will provide expert legal advice with respect to Cybersecurity, and forge partnerships with other areas of the organisation to achieve consistency of approach, efficiency and the delivery of high quality, timely and risk-based legal advice to the ICO.

Job description

The Principal Lawyer – Cyber Security will act in accordance with directions given by the Commissioner and Executive Team. They will advise as to the appropriate legal lines to take, including providing advice about ICO cyber security policy on specific regulatory interventions, which may include enforcement, prosecution or appeals depending on the nature of the case.

As one of the ICO’s noted legal experts in their field, the Principal Lawyer – Cyber Security will provide technical support on cyber security and related data protection law to investigators, subject matter experts, lawyers and others across the organisation.

The post holder will primarily manage and supervise legal work relating to cyber security including in relation to complex and high profile cases and issues. They will work closely with technical experts in the ICO’s Regulatory Cyber directorate, as well as with legal colleagues. They will also help ensure that learning and development in this complex area is shared and developed collectively across relevant teams in the ICO.

KEY RESPONSIBILITIES

• Provide strategic, high quality, timely and risk based legal advice on legal queries received from across the ICO, in particular managing and supervising legal advice on complex and high profile cybersecurity cases and matters.
• Provide expert advice in areas of responsibility, by being fully conversant with all relevant legislation and procedural rules and lead on developing strategy and thinking on novel and complex legal issues.
• Provide supervision and guidance to in house lawyers and instructions to external lawyers on key legal cases and legislative matters.
• Seek continuous improvement in all areas of responsibility, recommending changes, and managing and leading on cases, projects and initiatives ensuring that implementation is successfully achieved.

• Participate and where appropriate lead on behalf of the Commissioner/ICO at meetings and events where senior representation is required both nationally and internationally. Some travel (including overseas) may be required.
• Identify opportunities and risks to ICO reputation, and to make recommendations for improving information rights and cyber security practice in targeted sectors/organisations
• Engage with media and other external stakeholders on important legal issues related to the ICO’s work
• Advise on guidance to be published by the ICO to help ensure that it is legally accurate and reflects current legislation and lead on strategic legal input relevant to particular areas of specialism.
• Effectively and independently manage a caseload of ongoing cyber security legal issues/cases and ensure that matters are dealt with in line with ICO standards, policy and regulatory priorities.
• Add value to the wider operation and influence of the ICO by participating in projects and providing advice on the creation of policies and procedures.

View on member website