Data, Privacy and Cybersecurity – Mid-Level Associate

Hogan Lovells’s Data, Privacy and Cybersecurity practice group seeks a mid-level associate with approximately 2–4 years of experience in cybersecurity, privacy, and technology regulatory matters. Our Privacy and Cybersecurity practice consistently ranks among the nation’s best for expertise, legal ability, client service, and business understanding. We are looking for a candidate who demonstrates strong analytical skills, excellent judgment, and the ability to take ownership of significant workstreams while collaborating closely with attorneys and clients.

Our practice supports major industry players across many sectors including technology, life sciences, digital health, enterprise software, professional service, manufacturer, and financial services.

Primary Responsibilities

The associate will work on a wide range of cybersecurity and privacy advisory matters, including:

•    Cybersecurity incident response support, including fact gathering, legal analysis, strategic communications, threat actor interactions, law enforcement coordination, and addressing multi-jurisdictional notice obligations.
•    Regulatory interaction following cyber incidents—such as preparing regulatory responses, supporting investigations, and advising on reporting strategies and timelines.
•    Incident preparedness, including policy and playbook development, tabletop exercise support, red teaming and adversary simulations, vulnerability disclosure handling, and assessments of incident/breach response readiness.
•    Assisting clients with cybersecurity compliance program enhancements, such as governance structures, risk assessments, vendor/third party risk practices, and information security documentation.
•    Analysis of cybersecurity and privacy regulatory frameworks, including cross sector cybersecurity requirements, state and federal privacy and security expectations, and applicable industry standards (e.g., NIST CSF).
•    Supporting client counseling on cybersecurity and privacy issues arising in product development, commercial transactions, and cross border data flows.
•    Managing discrete workstreams and participating directly in client calls, presentations, and deliverables appropriate to a mid-level associate.

Qualifications

•    2–4 years of experience in cybersecurity, privacy, technology regulatory counseling, incident response, or related areas (law firm, government, or in house experience welcome).
•    Strong academic credentials and excellent research, writing, and oral communication skills.
•    Demonstrated ability to deliver clear, concise client ready work product in a fast-paced environment.
•    Membership in or eligibility for the D.C. Bar.
•    Experience supporting cybersecurity incident response, breach notifications, or regulatory inquiries strongly preferred.
•    Familiarity with cybersecurity frameworks (e.g., NIST CSF), sector agnostic privacy/security obligations, and consumer protection enforcement trends is a plus.
•    Ability to manage multiple competing deadlines and work collaboratively across teams.
•    Please include at least one substantive writing sample related to cybersecurity, privacy, or technology matters.

The expected base salary range for this role is $235,000 to $310,000 per year. This range reflects a good-faith estimate of pay at the time of posting; the actual compensation offered may vary depending on factors such as the candidate’s qualifications. This position is eligible for additional forms of compensation, which may include annual performance bonuses and discretionary bonuses.  Employees in this role are also eligible for benefits offered by the firm, subject to applicable plan terms and conditions, which currently include medical, dental, and vision insurance; a 401(k) retirement plan; and paid time off. Additional benefits may include relocation. Please review this link for more information regarding employee benefits in the United States. 

We will consider for employment qualified applicants with arrest and conviction records in a manner consistent with the requirements of applicable law, including the San Francisco Fair Chance Ordinance and City of Los Angeles Fair Chance Initiative for Hiring Ordinance.

A resume or CV is a must for our application system. We encourage you to include a cover letter to tell us why you are interested in this position and a law school transcript (or the equivalent).  Candidates for lawyer opportunities in the U.S. must have a law degree from an ABA-accredited law school and be a member of the Bar in the United States. 

To apply please complete the on-line application, attaching a resume and law school transcript.

All search firm submissions should be sent to the attention of Suzanne Hudgens at [email protected] Submissions must include a resume and law school transcript.
 

This job description sets forth the responsibilities of this position and may be changed from time to time as shall be determined.

Hogan Lovells is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected Veteran status, or other factors protected by law.

Hogan Lovells complies with federal and state disability laws and makes reasonable accommodations for applicants and candidates with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, please contact our Benefits Department at [email protected].