Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!
We are seeking a motivated self-starter to join Splunk’s growing Data Protection team in a role that combines legal advisory and compliance functions. In this role, you will make an immediate contribution to the company's continued growth and success by acting as an expert on data protection related issues throughout the organization. This attorney will report to Splunk’s Director, Data Protection - Corporate & Security Frameworks.
Remote work will be considered, preferably from a Pacific or Mountain Time location.
Personal Characteristics and Skills: How can I succeed at Splunk?
The successful candidate will:
- Work independently as well as collaboratively with a strong desire to make a meaningful impact
- Be strategic and capable of influencing others
- Work effectively in a dynamic environment across different functional groups, time zones and cultures
- Be flexible, creative and smart—show initiative, perseverance, resourcefulness, a willingness and a desire to handle a variety of legal issues while maintaining a sense of humor
- Have strong interpersonal and project management skills
- Have a history of developing relationships of trust and confidence with business partners
Responsibilities: I want to and can do that!
The successful candidate will:
- Advise and guide HR, Marketing, Internal Audit, Security and Business Development, as well as other Legal Department colleagues
- Be knowledgeable about strategically important laws and regulations in the EU and the US, such as GDPR, the ePrivacy Directive/Regulation, HIPAA, CCPA/CPRA and related state and federal legislation
- Support development and maintenance of Splunk’s SaaS-standard security programs, such as SOC2, ISO 27001, HIPAA, PCI, and FedRAMP
- Support M&A due diligence and integration activities
- Serve as an escalation point to Commercial Legal on HIPAA matters
- Manage privacy policies, procedures, documentation, company guidance, and escalations on employee data subject access requests and records of processing activities
- Help ensure adherence to international data protection laws, while enabling the development and execution of business initiatives
- Help develop Splunk’s privacy and data protection practices globally
- Perform other legal responsibilities as requested
- JD degree with excellent academic credentials
- License to practice law in US (or in-house equivalent)
- Minimum of 6-9 years of experience in representing clients in privacy and data protection matters in the US and Europe, preferably for a technology company and/or law firm
- Demonstrated knowledge of global privacy and data protection laws
- Written and spoken fluency in English
- Understanding of cloud computing, SaaS infrastructure and emerging technologies
- Excellent analytical, written and verbal skills with the ability to present information/complex legal matters clearly and concisely
- Experience with OneTrust a plus
- Significant experience with requirements of SaaS security certifications and programs, such as SOC2, ISO, HIPAA, PCI-DSS, and FedRAMP
We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.
For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.
(Colorado only*) Minimum base salary of $125,000. You may also be eligible for incentive pay + equity + benefits.*Note: Disclosure per sb19-085 (8-5-201 et seq).