ROLE OVERVIEW
The team
The Data & Cyber team advises a wide range of clients across a variety of industry sectors on cyber incidents, regulatory response, technology and data-related claims, and cyber/technology insurance coverage. We are recognised for combining deep cyber incident response capability with a strong understanding of the insurance market, enabling us to support clients across the lifecycle of a cyber event and its downstream exposures: from immediate breach response and crisis management, through policy notification and coverage strategy, to regulatory engagement and dispute resolution.
The role
Based in Bristol, the Associate (1-4 years' PQE) and/or Senior Associate (4-8 years' PQE) will support Partners in delivering cyber and technology insurance and coverage work, alongside associated cyber incident response and data regulatory matters. The role is primarily focused on advising insurers and insureds on breach response insurance issues, policy interpretation and claims strategy, including large and complex multi-insurer cyber coverage claims.
As the Data & Cyber team continues to expand our services to clients outside of the insurance industry, this role will also serve corporates on non-insured cyber incidents, pre-breach preparation, internal and external communications support following a breach and breach remediation activities alongside trusted technical cyber partners.
The Associate/Senior Associate will also support on high-pressure incident response mandates (including ransomware/cyber extortion scenarios) and related privacy/regulatory workstreams, ensuring coverage considerations are integrated with practical breach response and stakeholder management. The role involves direct client contact and coordination with brokers, forensic and incident response providers, and counsel where appropriate, and the Senior Associate role will supervise junior lawyers.
In addition, you can expect to:
- Advise insurers, insureds and brokers on breach response insurance matters, including policy interpretation, coverage position analysis, reservations/coverage correspondence support, and claims presentation strategy.
- Support and run (with Partner supervision as needed) complex cyber coverage matters, including multi-insurer claims, allocation issues and high-value/fast-moving claims environments.
- Advise on technology and cyber-related liability coverage issues (including technology errors and omissions exposures) and the interplay between coverage, incident response and potential third-party claims.
- Support the defence and strategy of technology/data-related claims and disputes arising from cyber exposures, including managing pre-action issues, ADR/mediations and (where relevant) litigation workstreams.
- Support cyber incident response from initial compromise through containment and recovery, helping clients manage legal risk alongside operational response (including international ransomware matters).
- Advise on notification strategy and regulatory engagement, including ICO-facing matters and associated enforcement/investigation risk.
- Support handling of data subject and related third-party claims arising out of incidents, including coordinating litigation risk strategy with coverage and incident response considerations.
- Coordinate pragmatic data protection advice alongside our data advisory team to support incidents/claims (e.g. complex DSAR issues and international data transfers in the context of response and remediation).
Knowledge, skills and experience
- Experience in cyber breach response, insurance coverage and/or cyber/technology claims work (gained in private practice, in-house, or in a comparable setting).
- Demonstrable experience advising on cyber/tech insurance coverage, including breach response insurance policies; experience of large or multi-insurer claims is highly desirable.
- Understanding of cyber incident response workflows and the ability to advise calmly under time pressure, working effectively with all stakeholders such as CISOs, in-house counsel, brokers, insured stakeholders and technical incident response providers.
- Experience of technology and data-related claims/disputes (including ADR and, ideally, litigation/arbitration) and familiarity with technology EO exposures.
- Working knowledge of UK regulatory engagement considerations (including ICO interaction) sufficient to identify and support incident-led regulatory and claims workstreams.
- Strong drafting and analytical skills, good commercial judgement, project management experience and the ability to manage multiple matters with competing deadlines.
- Confident communicator with proven ability to build client relationships and collaborate across multi-disciplinary teams.
- Able to work efficiently and commercially and understand the importance of engagement financial hygiene.
- Good attention to detail and excellent organisational skills.
- Committed to being part of a supportive, inclusive and collaborative firm culture.
- Good knowledge of Microsoft Office.
Diverstiy, equity, inclusion and belonging
We are problem solvers. Whether in front of clients or behind the scenes. To solve problems creatively for clients, we need diverse collaborative thinking; drawing on different experiences, backgrounds and perspectives. That means that everyone who either applies to, or works for, the firm is treated equitably. Webelieve in removing barriers to equal access not least because our people define us and define what we do. If you need support and adjustments to do your best work, whether that's during the recruitment process or throughout your time at RPC, we're here to help.
Flexible working that supports your commitments outside of work is an important part of our culture and, where possible, we will support this across all roles. Please get in touch with our recruitment team if you have any questions about our hybrid working approach or flexible working policy.