Senior Counsel, Cybersecurity and Incident Management
Role Description
As Senior Counsel, Cybersecurity and Incident Management, you will lead Dropbox’s incident response program and be responsible for cybersecurity counseling. This fast-paced role includes complying with global data breach notification laws, complying with cybersecurity rules and regulations, engaging with regulators, and advising on a wide range of legal issues that impact all aspects of Dropbox’s business. You will also help coordinate a global program that promotes user trust and facilitates company-wide responses to customer- and employee-impacting events. If you are passionate about security, privacy, and incident response, and thrive in an environment of uncertainty, then this role is for you.
Responsibilities
Investigate and assess security and privacy incidents, analyze legal responsibilities, and drive legal and regulatory responses.
Lead, and provide legal support to, Dropbox’s incident response program, which deals with a wide range of business issues beyond security and privacy.
Coordinate a team of on-call business managers that provide 24/7 support to incidents, and manage one incident response attorney.
Engage and coordinate with leaders and executives throughout the company to respond to business-impacting incidents.
Provide sophisticated advice to engineers working on security, threat intelligence, and abuse issues.
Ensure compliance with global cybersecurity laws.
Promote and foster a culture of trust within and outside of Dropbox.
Requirements
5+ years of post-JD legal experience, ideally with experience counseling privacy, security, breach notification, and incident response matters.
Strong understanding of, and experience with, domestic and global breach notification and cybersecurity laws, including GDPR, HIPAA, US state breach laws, and SEC cybersecurity disclosure rules.
Familiarity with technology and the ability to interact with highly-technical engineers and security personnel.
Willingness to support incident response outside of traditional business hours.
Great people skills and ability to work well in a fast-paced team environment with a wide range of technical and non-technical teams.
Excellent writing, communication, and organizational skills.
JD, admitted to a US state bar, distinctive academic record.
Preferred Qualifications
Basic knowledge of SQL or other query/programming languages is a plus.
Previous experience at a tech company.
Previous management experience.
Compensation
About the job
Apply for this position
Senior Counsel, Cybersecurity and Incident Management
Role Description
As Senior Counsel, Cybersecurity and Incident Management, you will lead Dropbox’s incident response program and be responsible for cybersecurity counseling. This fast-paced role includes complying with global data breach notification laws, complying with cybersecurity rules and regulations, engaging with regulators, and advising on a wide range of legal issues that impact all aspects of Dropbox’s business. You will also help coordinate a global program that promotes user trust and facilitates company-wide responses to customer- and employee-impacting events. If you are passionate about security, privacy, and incident response, and thrive in an environment of uncertainty, then this role is for you.
Responsibilities
Investigate and assess security and privacy incidents, analyze legal responsibilities, and drive legal and regulatory responses.
Lead, and provide legal support to, Dropbox’s incident response program, which deals with a wide range of business issues beyond security and privacy.
Coordinate a team of on-call business managers that provide 24/7 support to incidents, and manage one incident response attorney.
Engage and coordinate with leaders and executives throughout the company to respond to business-impacting incidents.
Provide sophisticated advice to engineers working on security, threat intelligence, and abuse issues.
Ensure compliance with global cybersecurity laws.
Promote and foster a culture of trust within and outside of Dropbox.
Requirements
5+ years of post-JD legal experience, ideally with experience counseling privacy, security, breach notification, and incident response matters.
Strong understanding of, and experience with, domestic and global breach notification and cybersecurity laws, including GDPR, HIPAA, US state breach laws, and SEC cybersecurity disclosure rules.
Familiarity with technology and the ability to interact with highly-technical engineers and security personnel.
Willingness to support incident response outside of traditional business hours.
Great people skills and ability to work well in a fast-paced team environment with a wide range of technical and non-technical teams.
Excellent writing, communication, and organizational skills.
JD, admitted to a US state bar, distinctive academic record.
Preferred Qualifications
Basic knowledge of SQL or other query/programming languages is a plus.
Previous experience at a tech company.
Previous management experience.