Data Privacy & Cybersecurity Associate (3rd4th Year) - S.F.

Job Title: Data Privacy & Cybersecurity Associate (3rd–4th Year)
Location: San Francisco, CA (Hybrid)
Job Type: Full-Time
Compensation: $260,000–$310,000 annually
Posted: 30+ Days Ago

Direct Counsel is representing an Am Law Global 100 firm seeking a 3rd to 4th year associate to join its Data Privacy & Cybersecurity Practice in San Francisco. This is a shareholder (partner-track) opportunity offering competitive compensation, a comprehensive benefits package, and the chance to work with nationally recognized practitioners across industries including technology, healthcare, e-commerce, retail, fintech, and entertainment.

Key Responsibilities:

• Advise clients on global and U.S. data protection legal frameworks, including CCPA, GDPR, FTC Act, and other state and international privacy laws.

• Provide compliance counseling for HIPAA, GLBA, FCRA, COPPA, TCPA, CAN-SPAM, and other relevant statutes.

• Draft and revise privacy policies, incident response plans, data processing agreements, and service contracts.

• Assist with regulatory inquiries and investigations related to privacy compliance and data breaches.

• Provide due diligence support on corporate transactions involving privacy and security risks.

• Counsel clients on AI governance programs and applicable federal/state regulations, including the EU AI Act.

• Contribute to data breach response planning and execution.

• Collaborate with a cross-office team on cutting-edge privacy and cybersecurity matters.

Required Qualifications:

• Juris Doctor (JD) from an accredited law school.

• Admission and good standing with the California State Bar.

• 3–4 years of experience focusing on data privacy and cybersecurity law.

• Strong background in advising companies on privacy compliance frameworks and industry-specific regulations.

• Demonstrated excellence in legal research, writing, and communication.

• IAPP CIPP/US and/or CIPP/EU certification strongly preferred.

Ideal Candidate Traits:

• Practical, solution-oriented thinker with strong client service focus.

• Deep understanding of internet infrastructure and digital regulatory trends.

• Experience negotiating data protection agreements and working with clients in a variety of sectors.

• Knowledge of artificial intelligence regulation is a plus.

About the Practice:

The Data Privacy & Cybersecurity team provides strategic, business-oriented legal advice on domestic and international privacy regulations, cybersecurity, AI governance, cross-border data flows, and compliance risks. The team is known for its depth of industry knowledge, global reach, and high-profile publications in the data protection space.