Principal Counsel, Cybersecurity Legal

Netflix•Los Angeles, CA

13d

About The Position

At Netflix, our mission is to entertain the world. Together, we are writing the next episode - pushing the boundaries of storytelling, global fandom and making the unimaginable a reality. We are a dream team obsessed with the uncomfortable excitement of discovering what happens when you merge creativity, intuition and cutting-edge technology. Come be a part of what’s next. The Opportunity We are looking for a business oriented cybersecurity lawyer to join our Privacy and Data Security Legal team. You’ll provide strategic legal counsel on cybersecurity related issues impacting Netflix’ business and products across the globe, working alongside our security and privacy assurance team. This role will report to the VP of Privacy and Data Security, Legal. Your work will include: Monitoring, assessing and advising on cyber security laws and regulations and their impact in collaboration with our government affairs and legal compliance teams, Provide legal counseling in support of our information security programs, including risk assessments, vulnerability management, threat modeling, bug bounty program, etc. Providing support and counsel during cybersecurity-related investigations and the response to cybersecurity and data privacy incidents, including breach notification and mitigation strategies, Providing legal guidance on regulatory, third-party, and internal security audits, and working with teams to scope and perform periodic security hygiene assessments, mitigation and remediation, and Drafting and negotiating data protection and cybersecurity agreements

Requirements

Significant experience in cybersecurity legal practice, with a deep knowledge of global cybersecurity laws, and regulatory and other guidance and standards. You will also need a JD or equivalent and admission to at least one US state bar.
Deep understanding of applicable cyber frameworks and standards, global regulatory landscapes, and emerging national security cyber laws.
Experience advising on security by design principles, incident response management, and developing strategies to implement requirements from new laws and regulations.
Experience managing legal response to cyber incidents, including coordination across the enterprise with interdisciplinary teams.
Proven track record of working collaboratively with diverse business units and across regional legal teams, translating complex legal concepts into simple and actionable items for the business.
A proactive, pragmatic and positive mindset toward emerging challenges and a proven ability to exercise sound business and risk-based legal judgment under pressure within tight timeframes.
Ability to lead, take action, and provide direction in the face of ambiguity.
Ability to partner at all levels of the organization.

Responsibilities

Monitoring, assessing and advising on cyber security laws and regulations and their impact in collaboration with our government affairs and legal compliance teams
Provide legal counseling in support of our information security programs, including risk assessments, vulnerability management, threat modeling, bug bounty program, etc.
Providing support and counsel during cybersecurity-related investigations and the response to cybersecurity and data privacy incidents, including breach notification and mitigation strategies
Providing legal guidance on regulatory, third-party, and internal security audits, and working with teams to scope and perform periodic security hygiene assessments, mitigation and remediation
Drafting and negotiating data protection and cybersecurity agreements