Privacy Counsel

Privacy Counsel

Requirements

• Experience counseling and working closely with Security teams, including on-call rotation for security and privacy incident response
• Knowledge of security frameworks and compliance (e.g., NIST and ISO 27001), including establishing robust governance, risk and compliance programs and assisting with cybersecurity risk assessments
• Experience advising on global cybersecurity regulations and executive orders, including EU NIS 2, EU Cyber Resilience Act, CIRCIA, Executive Order 14117, and the Cybersecurity Information Sharing Act
• Experience advising on domestic and global privacy issues, including the GDPR, ePrivacy Directive, Section 5 of the FTC Act relating to privacy, anti-spam laws, cookies regulation, and U.S. State privacy laws
• Knowledge of global privacy and data security laws, regulations, and industry guidelines, especially those relevant for ecommerce, ad tech, and Internet companies
• In-house experience or law firm experience counseling clients on privacy and data security matters
• Excellent legal and business judgment and strategic thinking
• Able to communicate effectively with stakeholders across the company on complex, multifaceted issues
• Detail-oriented, business-friendly, and a team player, with an ability to think creatively and accommodate tight deadlines
• Strong work ethic and able to work independently and collaboratively
• Great sense of humor
• J.D. from a nationally recognized law school
• Active membership in at least one state bar
• 6+ years of experience practicing law

Responsibilities

• Partner closely with Snap’s Engineering Security team to provide legal and strategic advice on a range of matters, including vendor due diligence and third party privacy and security assessments, governance, risk and compliance, and privacy and security incident response
• Collaborate with stakeholders to help create, improve, and enforce Snap’s data security policies, standards, and practices, assuring they meet global legal requirements
• Ensure Snap’s data processing globally complies with all applicable privacy laws, including the EU General Data Protection Regulation (GDPR) and state and federal consumer protection and privacy laws
• Partner with Product Counsel on complex issues as they emerge in the development of new products and technologies, including privacy, data security, and encryption
• Help continue to improve over time Snap’s privacy-by-design requirements, working closely with Snap’s Privacy Engineering team
• Analyze potential legal risks and regulatory requirements for new products and technologies
• Conduct privacy due diligence reviews, privacy impact assessments, and integration plans for potential acquisitions and partnerships
• Help draft public-facing descriptions of new products and technologies
• Track and analyze proposed, pending and new domestic and global privacy, data security, and consumer legislation that could impact the business and recommend any potential or necessary modifications to practices, as well as advise Policy team on lobbying priorities
• Conduct periodic privacy and security trainings across the company

Preferred Qualifications

• Great sense of humor