We seek an experienced Associate Corporate Counsel, Data Protection to support Splunk’s commercial privacy and security program initiatives in the AMER region. This role’s primary focus is to draft, negotiate and align Splunk’s commercial privacy and security obligations in its agreements (inbound and outbound) to Splunk’s world-wide contractual, legal and regulatory obligations. You will work closely with members of Splunk’s Data Protection, Products and Procurement teams to maintain and evolve Splunk’s commercial data protection terms globally. The role will report to Splunk’s Sr. Director, Data Protection. Splunk is based in the San Francisco Bay Area; for this position, full-time remote is available (East Coast time zone preferred).
Personal Characteristics and Skills: How can I succeed at Splunk?
The successful candidate will:
- Have a high EQ and a strong history of successful cross-functional collaboration with others
- Speak/write clearly and concisely with a flexible style adaptable to different needs globally
- Rapidly adapt to evolving negotiations
- Express complex ideas in easily understandable and effective ways
- Be agile when managing conflict and creating/influencing/implementing policies and procedures
- Possess excellent business judgment and exceptional strategic thinking and analytical capabilities
- Be proactive and demonstrate initiative, resourceful, and strong work ethic
- Maintain a sense of humor and live the mantra--work hard, have fun, make history!
Responsibilities: I want to and can do that!
The successful candidate will:
- Draft, review and negotiate privacy, security and data protection terms in customer/vendor/product agreements
- Collaborate with Procurement and Commercial Legal teams on contract administration, including contract process improvement, contract management tool maintenance, tracking and reporting
- Work collaboratively with legal and business clients to identify, develop and implement process improvements to the commercial aspects of Splunk’s Data Protection Program
- Assist with performing vendor security/data protection risk assessments
- Help update and maintain Splunk’s customer RFP database
- Assist with data mapping, classification and related data management/compliance programs
- Assist with data protection impact assessments
- Other responsibilities as needed
Requirements: I’ve already done that or have that!
Candidates must have:
- JD degree with excellent academic credentials
- License to practice law in good standing in state where practicing
- At least 3-6 full years tech transactions experience, with minimum 3 years concentrated SaaS and data protection (privacy and security), in-house experience strongly preferred
- Solid grasp of the commercial requirements of key data protection compliance programs in the EU/US (GDPR, CCPA, HIPAA)
- Foundational knowledge of key security programs such as SOC2, ISO, HIPAA, PCI-DSS and FedRAMP
- Strong familiarity with emerging technologies, network and cyber security, infrastructure resiliency and cloud computing
- Significant experience negotiating Data Protection Addenda
- A passion for data protection
- Expertise in Google Docs, Sheets, Slides, Word, Excel and PowerPoint
- Prior experience with OneTrust and Apttus, a plus