Sr. Legal Counsel, Cybersecurity

About The Position

Requirements

• Juris Doctorate Degree, or equivalent international degree
• Active membership in at least one state bar
• 8+ years of experience as a practicing attorney in a law firm, government agency, or in-house legal team, with a substantial number of those years focused on cybersecurity and incident response
• Experience in global privacy and cybersecurity laws and regulations (including, among others, U.S. state laws and international data protection frameworks, GLBA, SEC, and NYDFS cybersecurity requirements, and the EU's GDPR, DORA, and AI Act)

Nice To Haves

• Strategic vision and ability to spot issues and communicate complex legal issues to a variety of legal and non-legal partners across the company
• Experience negotiating, drafting, and updating documents and policies
• Excellent attention to detail and organizational skills. Skilled at managing multiple priorities in a fast-paced environment
• Strong communication and interpersonal skills, with the ability to collaborate effectively with different teams and stakeholders
• Ability to work with a sense of urgency while prioritizing competing interests
• Ability to work independently, and as part of a team, with members across multiple offices in a fast-paced environment
• A client-first mentality
• Ability to maintain strong working relationships with a variety of internal clients

Responsibilities

• Provide expert legal advice to our teams as it relates to managing cybersecurity risks and compliance with global cybersecurity laws and regulations
• Provide legal guidance on regulatory, third-party, and internal security audits, and work with teams to scope and perform periodic security hygiene assessments, mitigation, and remediation
• Help enhance Docusign’s data governance posture, including data governance operations and documentation, employee training on data governance and security obligations, promoting a culture of awareness and compliance throughout the organization, policy enforcement, data compliance program monitoring and auditing, and third-party risk assessment
• Collaborate with the global legal team to align security and data practices across the company, ensuring a unified approach to data protection
• Support building and improving incident detection and response processes
• Provide support and counsel during cybersecurity-related investigations and the response to data incidents, including breach notification and mitigation strategies, to minimize impact and maintain trust
• Remain up-to-date on relevant data security laws and regulations, industry approaches to data governance program management, and on data compliance and security technological developments, threat vectors, and evolving industry standards to provide solutions to complex issues
• Help prepare board and executive presentations, regulatory filings, and other legal disclosures to ensure accuracy and completeness of cybersecurity representations
• Support global AI governance, helping the business teams continue innovating responsibly

Benefits

• Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.
• Stock: This role is eligible to receive Restricted Stock Units (RSUs).
• Paid Time Off: earned time off, as well as paid company holidays based on region
• Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
• Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
• Retirement Plans: select retirement and pension programs with potential for employer contributions
• Learning and Development: options for coaching, online courses and education reimbursements
• Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events