Data Protection Counsel

About the role:

We are looking for a Data Protection Counsel to join our legal team. This role will be responsible for Axonius' data protection and privacy compliance needs on a global scale. You will have an incredible opportunity to use your expertise to have a significant impact on a fast-growing hi-tech company.

This role reports directly to Axonius' VP Legal and will work cross-functionally with the Security, R&D, Engineering, People, and Marketing teams. The ideal candidate is a business-minded attorney, self-starter, comfortable working in a fast-paced environment, attentive to detail, and willing to work collaboratively to meet company-wide goals. If you have a strong drive to make an impact on, and engage in the business of, a cutting-edge tech company read on!

Responsibilities:

As Data Protection Counsel, you will provide support to our teams globally. Your core responsibilities will include:

• Deliver best in class data protection and privacy counseling, primarily focusing on cyber and SaaS-related products and services.
• Build, refine, and scale privacy and data protection compliance processes.
• Develop and refine our internal privacy governance documentation (privacy policy, privacy notices, data privacy addendums (DPAs) etc.).
• Draft and negotiate DPAs, advise on privacy and data security in commercial transactions (customers/vendors), develop processes to support same.
• Lead our cross-team efforts in connection with DSRs, cookie policies, data mapping, and subprocessor list management.
• Track new privacy/security laws and regulations (as well as relevant technological developments) in the US and globally to ensure an ongoing ability to provide compliance advice.
• Work with the Security team to scope and perform periodic data protection and privacy risk assessments, mitigation, and remediation.
• Establish privacy and data protection trainings; create and provide playbooks and guides on areas within the privacy purview.
• Collaborate with the Security and Product/R&D teams on incident preparedness, investigation, communication, and remediation.
• Integrate privacy principles in the product development lifecycles.

Requirements:

• JD (or equivalent legal) degree; current Bar admission; CIPP/CIPM or a similar certification.
• 5-6+ years of legal experience supporting and advising businesses on global privacy and data protection matters, ideally with both a law firm and a tech/SaaS company.
• Excellent knowledge of global privacy laws, regulations, standards, and related regimes including GDPR and CCPA.
• Experience building privacy and data protection programs and developing compliance processes, practices, and related documentation.
• Exceptional communication (making complex topics easily-digestible for business people) and project management skills, ability to calibrate risk and to lead cross-functional teams.
• Service-oriented and responsive attitude, strong attention to detail, hard-working and committed to providing an excellent work product.
• Impeccable professional ethics, integrity, and judgment.
• Able to work independently but with full recognition of areas of limitation and need for support (humility and honesty appreciated!)
• Teamwork oriented attitude and sense of humor.
• Ability to work in the US (visa sponsorship for this role is currently not available).

Advantages:

• Experience with software/systems for privacy compliance (e.g., OneTrust).
• Experience working at a successful, high-growth SaaS company or in the cybersecurity industry.
• Curious about innovation; strong understanding of SaaS products and interest in technology; knowledge of IP licensing, and open-source licenses.

Compensation will be based on individual education, qualifications, and experience. The salary range is from $145,000 to $180,000 annually plus an annual performance bonus, equity, and attractive benefits.