Top-tier privacy and cybersecurity practice is seeking a mid-level associate (approximately 2–4 years’ experience) to join its Washington, DC office. The role involves advising on incident response, regulatory interaction, compliance program enhancements, and privacy/security issues across technology and regulated industry clients.

Day-to-day responsibilities include supporting cybersecurity incident response and regulatory matters, developing incident preparedness materials (playbooks, tabletop exercises, vulnerability disclosure), conducting risk and regulatory analyses, and counseling on data transfers and product-related privacy/security issues. The role requires ownership of discrete workstreams and regular client interaction appropriate to a mid-level associate.

2–4 years of experience in cybersecurity, privacy, technology regulatory counseling, incident response, or closely related practice (law firm, government, or in‑house experience welcome)
Strong research, writing, and oral communication skills; demonstrated ability to deliver clear, client‑ready work product
Experience supporting cybersecurity incident response, breach notifications, or regulatory inquiries strongly preferred
Familiarity with cybersecurity frameworks (e.g., NIST CSF) and cross‑sector privacy/security obligations is a plus
Membership in or eligibility for the D.C. Bar
Please be prepared to provide a substantive writing sample related to cybersecurity, privacy, or technology matters

Apply for this role

Confidential. We never contact your current employer.