Requisition ID # 163613 

Job Category: Legal 

Job Level: Attorney

Business Unit: Gen Counsel, Ethics, Risk & Compliance

Work Type: Hybrid

Job Location: Oakland; Washington D.C.

Department Overview

PG&E’s Law Department provides timely, efficient and business-focused legal services to the company. The Strategic Transactions and Customer Care (STACC) legal team provides regulatory, transactional and strategic support across a broad spectrum of matters, including (1) transactions pertaining to sourcing, energy procurement, and real estate; (2) customer issues; (3); cybersecurity, privacy and Artificial Intelligence (AI) issues; and (4) municipalization matters.

Position Summary

This is an exciting role that encompasses numerous responsibilities across the areas of cyber security, privacy, AI, and data management.  The Senior Counsel (Cybersecurity, Privacy, and AI) will report to the Managing Counsel for STACC and will work primarily in the areas of cybersecurity, privacy, and AI. The Senior Counsel will be responsible for providing legal advice and representation to clients in various aspects of the company's cybersecurity, privacy, AI, and data practices.

Reporting Relationship

Reports into the Managing Counsel – STACC.

Job Responsibilities

This role involves the following day-to-day responsibilities:

Cyber Security

• Compliance and Risk-Management: 
• • Provide legal support regarding development of, maintenance of, and compliance with information security and information technology standards, policies, and procedures; and support the company’s NIST Cybersecurity Framework maturity model development.
  • Assist in managing cybersecurity legal risk(s) in sourcing, utility transactions, regulatory proceedings, and with respect to critical infrastructure, including compliance with relevant state and federal energy regulations from such regulators as FERC, NERC, NRC, SEC and CPUC.
  • Develop cross-functional cybersecurity risk management processes and policies involving third parties, including vendors, contractors, and regulators.
• Law Enforcement Engagement: 
  • Coordinate with law enforcement and intelligence community on cybersecurity risks and incident response.
• Incident Response: 
  • Support cybersecurity incident preparedness and response, including providing legal review and input on incident response policy development and management, table-top and functional exercises, and live incident response.
• Client Support: 
  • Lead and coordinate with key clients on cybersecurity incident disclosure obligations.
  • Provide advice and counsel to clients, management and project teams on legal issues, as well as on federal and state policy, compliance and strategic matters

Privacy

• Compliance and Risk-Management:
  • Monitor ongoing compliance with privacy and data security laws, regulations, and self-governing frameworks and standards, provide advice and counsel, and manage cross-functional initiatives.
  • Draft privacy policies and review guidance documents and other notices relating to compliance.
  • Conduct internal data management risk and compliance education and training.
  • Monitor relevant privacy and data security laws and regulations, technological developments, and evolving industry standards to support providing sound compliance advice.
• Incident Response:
  • Lead data loss investigations and incident response.
• Client Support:
  • Draft, review and negotiate privacy and data security contract language.
  • Advise key business partners on enhancing controls.
  • Manage and advise on data-related issues in regulatory proceedings.

AI

• Compliance and Risk-Management:
  • Assist in developing AI policies, best practices, guidance documents, controls, and trainings.
  • Develop and support implementation of AI risk assessments and processes- both pre- and post-implementation.
  • Monitor and advise on legislative and regulatory proposals on issues like AI risk management, privacy, bias and discrimination, data transparency, and more to build out robust AI governance and compliance practices.
  • Provide advice and counsel to clients, management and project teams on legal issues, policy, compliance and strategy as it relates to AI.

Leadership Qualities

PG&E expects its leaders to conduct themselves with the highest ethics and integrity and to embody specific leadership qualities.

Strategic Mindset

• Seeing ahead to future possibilities and translating them into breakthrough strategies.
• Operating effectively, even when things are not certain or the way forward is not clear.

A Leader in the Community and Industry

• Effectively building formal and informal relationship networks inside and outside the organization.
• Anticipating and balancing the needs of multiple stakeholders.

Demonstrates Safety Leadership

• A safety champion in words and deeds with respect to both employee and public safety.
• Maintaining an environment of open dialog and free of retaliation.

Influences and Inspires

• Using various- communications that convey a clear understanding of the needs of different audiences.
• Maneuvering comfortably through complex policy, process, and people-related dynamics.

Optimizes Team Performance

• Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
• Creating a climate where people are developed and motivated to do their best to help the organization.

Values Diversity and Creates Inclusion

• Recognizing the value that different perspectives and cultures bring to an organization.

Fiscally Responsible

• Interpreting and applying understanding of key financial indicators to make better business decisions.
• Planning and prioritizing work to meet commitments aligned with organizational goals.

Leads Ethically and in a Compliant Manner

• Sponsoring and sustaining a high integrity speak-up corporate culture which prioritizes ethics, safety and compliance.
• Building on necessary level of industry, company and subject-matter expertise, including laws and regulations.

Provides a High Level of Customer Service

• Building strong customer relationships and delivering customer-centric solutions.

Compensation

PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job.  The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity.  Although we estimate the successful candidate hired into this role will be placed towards the middle point of the range, the decision will be made on a case-by-case basis related to these factors.​

A reasonable salary range is:

Bay Area Minimum: $189,000

Bay Area Maximum: $323,000

Background Qualifications

Minimum

• Bachelor’s degree or equivalent experience
• Juris Doctor degree from an accredited law school
• Law Bar Admission, U.S.
• U.S. state bar active member in good standing
• Legal experience, post-JD-Juris Doctor, or other job-related, 10 years
• Experience as Attorney, 7 years

Desired

• Law Bar admission, CA
• Registered In-House Counsel permit, California
• Experience in legal matters, complex