Senior Director, Corporate Counsel - Cybersecurity & Privacy

Senior Director, Corporate Counsel - Cybersecurity & Privacy

Accelerate your career by joining Okta, the World’s Identity Provider, as a member of our Privacy and Product Legal team.  We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. As Senior Director, Corporate Counsel - Cybersecurity & Privacy, you will lead a global cybersecurity and privacy legal practice at a high-growth, publicly-traded enterprise software company. You will work on cutting-edge projects in a cloud-first, SaaS environment where you can apply your experience providing strong legal support to help Okta deliver world-class products to our thousands of global customers.

What you’ll be doing 

• Lead and develop Okta’s team of talented, high-performing Cybersecurity and Privacy legal professionals.
• Provide advice and guidance to Okta Security, Engineering, Product, executives, and other stakeholders on compliance with applicable data security and privacy laws and regulations, security/privacy by design, frameworks and industry certifications..
• Lead the legal response for the investigation of potential security incidents, determine legal and regulatory obligations, advise on necessary and recommended responses and provide guidance on mitigation, remediation and resolution efforts.
• Assist in the drafting and presentation of cybersecurity and privacy related materials, including to the Cyber Risk Committee.
• Develop and maintain cybersecurity and privacy legal processes and procedures, including programs and processes, policies, plans, procedures, playbooks and certification programs. 
• Provide early lifecycle stage advice on risk and innovations to speed development.
• Maintain a current understanding of technical controls and assist in the creation of mature audit and monitoring frameworks to support stable, controlled operations.
• Work cross functionally with Compliance, Legal Operations, Product, IP/AI, Litigation and other teams to ensure information security and privacy compliance. 
• Partner with cross functional teams to ensure necessary compliance in security and privacy terms in customer and vendor contracts. 
• Strategically manage outside counsel relationships, including staffing, strategy, work product, day-to-day activity and budgets. 

What you’ll bring to the role

• 12+ years of relevant experience as a practicing attorney, including 5+ years of experience specializing in global cybersecurity, privacy, and data protection matters. In-house experience at a multinational SaaS company is strongly preferred.
• Ability to translate complex global cybersecurity and privacy issues and ambiguity into clear and straightforward legal guidance, to communicate effectively with non-legal internal colleagues and support and inspire innovation across the business
• Expertise in global security, privacy and regulatory frameworks, including NIST, ISO, FedRAMP, PCI-DSS, GDPR, CCPA, CPRA and HIPAA.
• Ability to organize, prioritize and manage deadlines in a fast-paced and demanding work environment, while quickly issue spotting and appropriately prioritizing risk and possible outcomes.
• Demonstrated experience as a strong collaborator and communicator. 
• Familiarity and comfort with the culture of a fast-paced enterprise software company.
• A self-motivated individual with grit who takes initiative and is comfortable rolling up their sleeves. Team-oriented with a sense of humor and high emotional intelligence.
• JD from an accredited law school and be a member in good standing of at least one state Bar. 
• This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

#LI-CM2

#LI-Remote