Corporate Counsel, Marketing and Privacy — Elastic

We seek to hire a Corporate Counsel, Marketing and Privacy to join our legal department in this fast growing, truly globally distributed company.  This is an optionally remote position that will be ideal for a self-sufficient and resourceful mid-level attorney. 

We’re looking for someone with the ability to learn quickly and enthusiastically with great interpersonal skills, who is effective at collaborating across multiple teams and building strong relationships with stakeholders.

You'll be serving as primary contributor for review of all data privacy matters related to vendor agreements.  This includes training the vendor legal team on the analysis and negotiation of data privacy matters related to vendor agreements and/or reviewing and negotiation vendor data privacy provisions and DPAs.

This position will also assume a knowledge leadership role within the legal team on all privacy and data protection matters across the legal team.  This includes serving as the primary point of escalation for all privacy matters relating to deals as well as providing guidance on privacy standards applicable to Elastic’s legal templates and negotiation fallback positions.  

What You Will Be Doing:

• Supporting our marketing team with a focus on all aspects of data privacy associated with lead generation and management
  • This includes advising and counseling on relevant legal principles worldwide and collaborating with the marketing team to achieve lead generation goals while staying compliant with applicable data privacy and protection laws

• Collaborating with the demand generation team, the partner marketing team, the various regional marketing teams and the community team to develop guidance and implement privacy programs in support of each team’s mandate
  • These include, for example, participation in partner or regional events and/or co-marketing programs, market development fund programs, and contest design and implementation

• Working with others on the legal team to maintain our data privacy and information security legal templates and terms
  • This includes staying current on developments in data privacy matters worldwide and being able to pragmatically incorporate any new requirements into the existing templates

• Developing a collaborative and trusted relationship with our information security team
  • This includes coordinating the escalation of contractual provisions that require InfoSec review and providing timely assistance in attaining and maintaining our essential security credentials (SOC2, ISO 27001, FEDRAMP, etc.) and assisting in response to data security incidents

• Maintaining our public facing privacy statements
  • These include our general privacy statement, product privacy statement, cookie statement, candidate privacy statement and California and/or EU privacy statements

• Working with our HR and InfoSec team to develop, implement and communicate privacy policies relevant to our handling of personal data of applicants, employees and customers
  • This will include providing guidance and training based on regional privacy requirements and/or relevant operational roles

What You Bring Along:

• Solid experience in both commercial transactions and data privacy matters
• Your commercial experience includes familiarity with direct and partner marketing initiatives related to implementation of such initiatives
• Your data privacy experience includes negotiating data processing agreements and working collaboratively across multiple teams to build consensus on data privacy matters
• You have excellent judgment, are able to balance competing demands on your time, independently function in a fast-paced environment, and can handle ambiguity and rapidly shifting priorities with flexibility, patience and humor

Bonus Points If You Have:

• Juris Doctor degree from a top law school
• 3-5  years of domestic and international data privacy/data protection law experience including developing and implementing data privacy programs within a rapidly-growing technology company or in a top law firm advising rapidly-growing technology companies
• Solid understanding and ability to interpret and implement relevant data protection laws and regulations, including GDPR, PIPEDA, HIPAA, GLB and CCPA
• Solid understanding and interest in information security principles and requirements and in integrating applicable security standards (SOC, ISO 27001, FEDRAMP) with the information security requirements of a privacy program
• An enthusiasm for training, team building, collaboration and process development combined with a willingness to learn and teach tools for managing complex data flows
• Experience and confidence with negotiating complex data privacy and information security issues and with teaching others how to do so
• A strong work ethic and the ability to prioritize and drive to results with a high emphasis on quality and professionalism