Privacy and Cybersecurity Counsel

orange eventbrite favicon logo
  • Individual Contributor
  • TSPA Members
  • Anywhere
  • Experience level: 6-8+ years

Website Eventbrite

This content was reproduced from the employer’s website on October 16, 2021. Please visit their website below for the most up-to-date information about this position.

THE CHALLENGE
In the last decade, Eventbrite has grown from a small US company to a complex NYSE-listed global business, empowering event creators to host memorable experiences for consumers in over 170 countries. Accompanying this exciting growth is the number of complex privacy regulations that our business teams need to understand and react to quickly to ensure we comply and protect customer trust in our marketplace.
THE TEAM
The Eventbrite Legal team collaborates with all areas of the business to develop proactive strategies and solutions that drive business growth while satisfying legal requirements and accounting for appropriate legal risk.
We’re a close knit Legal team. We work hard but try not to take ourselves too seriously. We are agile, highly adaptable and always go the extra mile to grow and protect the business. Above all else, we are creative problem solvers and set high expectations for ourselves as teammates and advisors to the business.
THE ROLE
As Privacy and Cybersecurity Counsel, you’ll build out a best-in-class data protection program and serve as the lead attorney for our cybersecurity incident response procedures.
You’ll counsel our product, engineering and cybersecurity teams on applicable global privacy regulations and you’ll get to see your impact immediately as we bring our products to market. You’ll also own our cybersecurity incident response program. This includes enhancing our incident response plans, leading all aspects of an investigation in the event of an incident, partnering with security on remediation measures and counseling cross-functional partners on global data breach notification requirements and communication plan strategies.
The role is high-visibility, high impact and requires you to have a hands-on approach to lawyering. If you’re looking to get exposure, breadth and ownership in your legal practice, join us!

YOU WILL

    • Own and build new cyber incident readiness processes for Eventbrite to mitigate legal and security risk
    • Partner closely with security, risk and compliance to identify gaps and implement best practices for our cyber incident response protocols
    • Build out and enhance Eventbrite’s privacy compliance program continuously localizing practices while anticipating and tracking future regulatory changes
    • Counsel product, engineering and data science teams on global privacy requirements as they take an idea from conception to launch
    • Scale and run ongoing privacy program efforts, including data retention, the new EU Standard Contractual Clauses, data mapping initiatives and our privacy tools and systems
    • Advise and educate Eventbrite executive leadership and conduct manager trainings on the impact of applicable regulations (e.g., CPRA)

THE SKILL SET

    • J.D. required, admitted to any state bar
    • 6-8+ years of combined legal experience at a global firm and/or in-house legal department of a technology company
    • Experience managing and responding to cyber incidents (either in-house or as outside counsel) and aligning cross-functional teams on a response plan
    • Experience identifying gaps and developing proactive strategies to enhance a company’s cyber readiness strategy, including drafting and implementing new policies and protocols
    • Solid understanding and counseling experience with global privacy law requirements (e.g., GDPR, e-Privacy, CCPA, LGPD, CPRA, etc.)
    • Excellent written and verbal communication skills with a passion for educating business teams on privacy issues
    • Ability to own and drive cross-functional projects

BONUS POINTS

    • Running executive-level tabletops with data breach hypotheticals
    • Designing vendor management programs
    • Data breach litigation experience
    • Drafting and negotiation experience with data protection provisions of commercial agreements
    • CIPP or CISSP
    • Thought leader in the privacy space
    • Active Eventbrite user that enjoys live events

To apply for this job please visit jobs.lever.co.