Cybersecurity and Data Protection Associate General Counsel

Cybersecurity and Data Protection Associate General Counsel

Are you an attorney who is passionate about cybersecurity compliance, information and cloud security, and incident response? Are you looking to combine your legal knowledge with big‑picture business thinking to help protect critical operations, enable secure innovation, and deliver enduring value? At Booz Allen, you’ll join a global team of experienced professionals driven to excel and realize values‑driven change for our clients, colleagues, and communities.

In this role, you’ll work closely with leaders across Enterprise Cybersecurity, the Chief Information Office, cloud and technology teams, and business leadership to anticipate compliance needs and develop practical governance structures with agility and action. You’ll establish trusted partnerships across the company and collaborate with fellow members of the Legal, Ethics & Compliance team to help strengthen Booz Allen’s cybersecurity posture while supporting secure cloud deployment, incident response readiness, and evolving business needs.

Guided by Booz Allen’s purpose and values, together we’ll anticipate and proactively prepare for the issues we’ll encounter tomorrow. Your work will focus on helping the company navigate complex compliance, cloud security, and incident response obligations in a highly regulated and government‑facing environment. Due to the nature of work performed within this facility, U.S. citizenship is required.

• Provide legal advice on Booz Allen’s cybersecurity program, including counseling on compliance with key regulatory requirements and frameworks such as NIST, CMMC, FedRAMP, FAR, and DFARS, as well as advice on secure cloud deployments and related governance.
• Partner with Enterprise Cybersecurity to evaluate cybersecurity controls and governance frameworks, including processes related to identity and access management, logging, monitoring, endpoint protection, and vulnerability management.
• Provide legal advice on incident response processes, standards, and playbooks and serve as legal advisor for incident response, working closely with related functions on investigations, reporting, and remediation.
• Advise on cybersecurity requirements applicable to third‑party service providers, vendor oversight, and technical integrations.
• Counsel on cybersecurity considerations affecting client‑facing solutions, products, and other go‑to‑market activities.
• Educate internal stakeholders on cybersecurity legal and compliance risks, regulatory expectations, and best practices.

• 7+ years of experience with a law firm or in‑house cybersecurity, compliance, cloud, incident response, or data protection.
• Experience advising on NIST, CMMC, FedRAMP, FAR, or DFARS frameworks and requirements.
• Experience supporting cybersecurity compliance programs, audits, assessments, or remediation efforts.
• Experience advising on incident response, investigations, and reporting obligations.
• Experience counseling on cloud security and technology deployments.
• Ability to manage multiple priorities in a fast‑paced environment.
• Ability to translate complex legal requirements into practical business guidance.
• J.D. degree.

• Experience with federal government contracts.
• Experience with cloud governance or secure system deployment in regulated environments.
• Experience with privacy, data governance, AI governance, or crisis management.
• Experience supporting market‑facing technology or product teams.
• Experience working with engineers, security teams, architects, or developers.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract‑specific affordability and organizational requirements. The projected compensation range for this position is $ to $ (annualized USD). This posting will close within 90 days from the Posting Date.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.