(Sr.) Corporate Counsel: Privacy/Data Protection, Splunk, San Francisco, CA

Splunk Legal is a collaborative team of lawyers and legal professionals who help accelerate Splunk’s success by providing creative and practical answers to cutting-edge legal questions. Splunk Legal delivers solutions that comply with the letter and spirit of the law and enable Splunk to grow its leadership globally.

Splunk is looking for an experienced attorney who can support Splunk’s privacy and data protection initiatives globally.  This role presents an exciting opportunity to shape policy and practice inside a big data company, influence product and services development and be a key player in Splunk’s incident response program. This role reports to the Director, Risk Management and Data Protection, and will help ensure that Splunk’s contractual, legal and regulatory obligations to protect data are in place.  The attorney will support transactions and operational processes involving privacy/data protection, and provide training and advice across the organization about the Splunk’s privacy/data protection program and related security requirements. Diligent and proactive, this role will require excellent business judgment and strategic thinking, along with the ability to work independently as well as collaboratively and flexibly in a collegial, fast-paced team environment.

Note: Title of Senior Corporate Counsel or Corporate Counsel will be based on experience.

Responsibilities: I want to and can do that!

  • Work collaboratively with legal and business managers to help identify, develop and implement process improvements related to privacy/security
  • Assist in creating, tracking and updating privacy related notices, policies, standards, guidelines and processes
  • Monitor Splunk practices to ensure ongoing compliance with applicable laws, policies, guidelines and processes
  • Perform vendor privacy/security risk assessments as part of the Splunk’s vendor risk management program
  • Draft, review, and negotiate customer/vendor contract terms regarding privacy/security
  • Help support Splunk’s incident response team and manage cyber security events
  • Assist with data mapping, classification and related data management/compliance programs
  • Develop privacy-related training materials and assist with training sessions
  • Respond to privacy-related customer/public inquiries
  • Help establish and oversee Splunk’s data transfer frameworks and agreements and assist with their annual compliance reviews
  • Other responsibilities as needed

Requirements: I’ve already done that or have that!

  • JD degree with excellent academic credentials.
  • License to practice law in California
  • At least 5 full years practicing in the field of data privacy and security, in-house experience strongly preferred
  • Strong understanding of the EU/Swiss-U.S. Privacy Shield Frameworks, GDPR, and APEC CBPR Framework
  • Prior experience participating in and managing cyber security incident response
  • Prior experience with HIPAA/PCI-DSS/FedRAMP strongly preferred
  • Possess exceptional legal capabilities and judgment
  • Familiarity with emerging technologies, network and cyber security, infrastructure resiliency, cloud computing
  • Ability to prioritize and drive multiple initiatives to conclusion independently and in a timely manner
  • Strong collaboration, organizational and project management skills
  • Excellent communication skills (oral and written)
  • Self-motivated, self-reliant, confident, and detail-oriented
  • A good sense of humor and the ability to adapt to a fast paced and rapidly changing environment

Application Submission Information:
Please submit directly to this Link – applications will be sent to both the hiring manager & staffing team.