Lead and develop a global privacy legal team at Okta, providing expert guidance on data protection compliance, incident response, policy development, and contract negotiations for a high-growth SaaS company. Requires 10+ years legal experience including 5+ in privacy, JD, and team leadership.
240k – 330k
Hybrid10+ YOELegal
About the role
Responsibilities
Lead and develop a team of talented, high-performing privacy legal professionals and serve as a point of escalation, providing privacy and data protection legal expertise to executives, cross functional leaders and other stakeholders throughout the organization.
Provide advice and guidance to Okta Security, Engineering, Product, executives and other stakeholders on compliance with applicable privacy and data protection laws and regulations, such as the General Data Protection Regulation, United States’ federal and state regulations, privacy by design, frameworks and industry certifications.
Provide advice negotiating privacy and data protection terms associated with Master Subscription Agreements, Data Processing Addendums and other documentation related to customer and vendor transactions.
Provide day-to-day legal support on privacy and data protection-related questions and respond promptly and effectively with pragmatic, business-oriented guidance.
Support the investigation of potential privacy incidents, including analyzing relevant regulatory responsibilities and contractual obligations.
Develop, implement and maintain privacy and data protection policies, procedures, standards, processes, runbooks, certifications and guidance.
Build critical relationships in order to effectively provide practical and strategic advice to assist the business in meeting its objectives, while ensuring privacy and data protection compliance.
Maintain an understanding of technical controls and assist in the creation of audit and monitoring frameworks to support stable, controlled operations.
Review privacy-related marketing and other external communications content for accuracy and completeness.
Strategically manage outside counsel relationships, including staffing, strategy, work product, day-to-day activity and budgets.
Required Skills and Experience
10+ years of relevant in-house and/or law firm experience as a practicing attorney, including at least 5 years of experience specializing in privacy and data protection, preferably at a SaaS technology company.
Ability to translate complex privacy and data protection issues into clear and straightforward legal guidance, communicate effectively with non-legal internal colleagues and support and inspire innovation across the business.
Familiarity and comfort with the culture of a fast-paced enterprise software company and knowledge of SaaS products.
Experience working with highly-regulated customers, preferably those in the financial services industry.
Excellent written and verbal communication, presentation, drafting and negotiation skills.
Sound and practical legal and business judgment, as well as the ability to think strategically and develop strong working relationships with key internal clients.
Strong knowledge of privacy and data protection frameworks, including, GDPR, CCPA, CPRA, HIPAA, NIST, ISO, FedRAMP and PCI-DSS.
Proven track record managing and overseeing a team of privacy legal professionals, preferably at a global company.
Ability to maintain strong working relationships with a variety of internal stakeholders and business partners from a variety of functions.
A self-motivated individual with grit who takes initiative and is comfortable rolling up their sleeves. Team-oriented with a sense of humor and high emotional intelligence. Results-driven with the ability to organize, prioritize and manage deadlines.
Strong academic background and J.D. from highly-regarded school, active bar admission.
Provide legal counsel on capital markets transactions, corporate governance, and securities compliance for a high-growth AI infrastructure company. Requires 4-7 years of top-tier law firm experience and a JD.
235k – 275k
On-site4+ YOELegal
Head of Enterprise Compliance & Privacy
Thyme CareNashville, TN
Leads enterprise compliance and privacy programs at a tech-enabled oncology care company, advising executives, scaling programs for clinical operations and telehealth, and ensuring regulatory adherence in HIPAA, Medicare, and multi-state models. Requires 10+ years healthcare compliance leadership and C-suite influence.
234k – 275k
On-site10+ YOELegal
Head of Legal
JuiceboxSan Francisco, CA
First Head of Legal to own legal strategy and execution across privacy, compliance, commercial contracts, vendor negotiations, and financings at a fast-growing AI SaaS company.
250k – 350k
On-site6+ YOELegal
Director of Compliance
IdmeMountain View, CA
Lead and scale the compliance function for a highly regulated identity verification platform, owning FedRAMP, SOC 2, ISO 27001, and NIST programs while driving automation and building a high-performing team.
230k – 320k
On-site8+ YOELegal
Director of Compliance
CommureMountain View, CA
The Director of Compliance designs, oversees, and monitors Commure’s corporate compliance program for its AI healthcare platform. Responsibilities include risk assessments, policy development, training, auditing, and advising on healthcare laws such as HIPAA, Anti-Kickback, Stark, FDA SaMD, and information blocking. Requires 6-10 years healthcare compliance leadership experience.