This position is within the T-Mobile Legal Department. Provide practical and actionable legal and regulatory advice to the relevant teams at T-Mobile on a variety of issues, with an emphasis on data security.
- Researches, develops, and provides legal advice on privacy and data security laws and regulations, internal policies, and industry best practices;
- Identification of security laws applicable to organization, based on jurisdictions and activities;
- Evaluates proposed technology changes, operational changes, identified security vulnerabilities, remediation plans and other matters with an eye towards compliance with federal and state laws requiring reasonable safeguards for data security;
- Coordinates with the Digital Security Office to identify and evaluate appropriate security controls to meet legal and regulatory requirements, in particular requirements in the FCC’s CPNI regulations, and the NY Department of Financial Services and similar state law regulations;
- Drafts and negotiates privacy and data security provisions in commercial contracts for vendors supporting T-Mobile US Care, Retail, Engineering teams, and with OEM partners;
- Drafts internal and public-facing data security policies and other documentation;
- Assists with merger and acquisition due diligence and integration activities, in particular evaluating acquired company policies and procedures on data security; and
- Assists with other projects and duties as assigned.
- Minimum of 7-10 years’ experience as a lawyer, with a focus on privacy and cybersecurity;
- JD from a reputable law school;
- Current Washington State bar membership, in good standing (or good standing membership in at least one U.S. state bar, with the ability to become a licensed member of the Washington State bar within 6 months);
- Working knowledge of major data security laws and regulations (e.g., GDPR, CCPA, CPNI, FTC Act, HIPAA, GLBA, State Breach laws, etc.) and data security standards (NIST, PCI, ISO, etc.);
- Practical experience with the development and implementation of data security compliance programs, policies and standards, including standards such as NIST Cybersecurity Framework;
- Demonstrated ability to perform and document detailed legal research and synthesize advice into concise summaries;
- Demonstrated ability to provide practical and actionable advice in a dynamic and ambiguous legal environment;
- Demonstrated ability to work independently, multi-task, and manage multiple assignments simultaneously;
- Excellent verbal and written language skills; and
- Excellent personal computer skills.
- Contract negotiation experience (e.g., negotiating privacy and security provisions in master service agreements, statements of work, etc.)
- Technical fluency in Internet and telecommunications technology and cybersecurity;
- Practical experience in the field of telecommunications law (including CPNI regulations);
- Demonstrated ability to interact with senior management and the capacity to develop executive maturity and leadership skills; and
- CIPP and/or CISSP certification.
Application Submission Information:
Please apply online at: