At Elastic, we have a simple goal: to pursue the world's data problems with products that delight and inspire. We help people around the world do extraordinary things with their data. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. Often, what you can do with our products is only limited by what you can dream up. We believe that diversity drives our vibe. We unite employees across 30+ countries into one unified team, while the broader community spans across over 100 countries.
We are seeking a Corporate Counsel, Privacy teammate for our fast-growing, global legal team. If you have the requisite experience and curiosity, you already know and appreciate that this area of law is unsettled and evolving for years to come. This role, if executed with pragmatism and enthusiasm, will be deeply rewarding and will give you a chance to create a tangible impact to Elastic’s success.
This is a distributed role anywhere in the USA.
What You Will Be Doing:
You will be our first specialist driving the development and implementation of our data privacy and data protection program. This is an exciting and hands-on role for an experienced attorney who is motivated by the desire to design and deliver a privacy program that is both proactive and practical.
- Play a key role in the team that envisions, designs, develops and implements a pragmatic data privacy and data protection program that works
- Be hands-on directing and implementing the program. This may include everything from advising senior management on how to prepare for CCPA, to leading our cross-functional privacy program team, to updating our privacy policies, privacy statements and cookie policies in light of changing regulations or internal marketing directives, to “hands-on-keyboard” updating Article 30 records. Your role here will not be limited by a shortage of opportunities to get things done
- Be vital to our commercial transactions team. This means keeping our forms of data protection addenda and information security addenda up-to-date as well as training our commercial attorneys on first-line negotiations of data privacy and protection issues and, ultimately, being the voice of knowledge on what makes sense when tough deal decisions need to be made
- Encourage and engage our engineering, product management, information security, marketing, sales and human resources teams to think of data privacy and protection as a feature not a bug. Needless to say, this includes making “privacy by design” part of our DNA
- Learn and develop a practical understanding of data privacy law and will stay up to date on legal and regulatory developments. You will actively benchmark our data privacy and protection initiatives against similar fast-growing software companies. You will use this understanding to update and advise key stakeholders so that Elastic stays ahead of the privacy power curve
- Craft and implement company-wide and department-specific training that will be directed at an understanding of key principles as well as at practical means for staying compliant
- Build a collaborative and trusted relationship with our information security team and will play a key role in enabling us to attain and maintain essential security credentials (SOC2, ISO 27001, FEDRAMP, etc.)
What You Bring Along:
You have a strong understanding of domestic and international data privacy/protection laws and regulations (GDPR, HIPAA, GLB, PIPEDA and, in time, CCPA to name a few) and of the mechanisms by which such laws are interpreted and enforced (WP29, OCR, FTC, etc.). But just as importantly, you are an operationally driven manager and team-builder who thrives on getting stuff done. We are looking for the kind of person who becomes most interested and engaged when the issues get tough. Mere advisors need not apply.
When you think of yourself, you have excellent judgment, a strong commitment to deliver, and the ability to balance competing demands on your time. Priorities shift rapidly and you feel you can adjust with flexibility, patience and humor—and learn quickly along the way.
In addition, you have:
- Juris Doctor degree
- Professional experience in domestic and international data privacy/data protection law experience including developing and implementing data privacy programs within a rapidly-growing technology company or in a top law firm advising rapidly-growing technology companies
- Solid understanding and interest in information security principles and requirement and in integrating applicable security standards (SOC, ISO 27001, FEDRAMP) with the information security requirements of a privacy program
- A strong interest in software engineering (including open source business models) and in the tools and processes used to develop and publish code (e.g., GitHub) is a strong plus
- An enthusiasm for training, team building, collaboration and process development combined with a willingness to learn and teach tools for managing complex data flows
- Experience and confidence with negotiating complex data privacy and information security issues and with teaching others how to do so
- Competitive pay based on the work you do here and not your previous salary
- Global minimum of 16 weeks parental leave (moms & dads)
- Generous vacation time and one week of volunteer time off
- An environment in which you can balance great work with a great life
- Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do
- Distributed-first company with Elasticians in over 30 countries, spread across 18 time zones, and speaking over 30 languages!
Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.