Privacy and Security Counsel

Job Description

  • Job Title Legal

Description

Position Summary

This position will support Rimini Street and its clients to comply with global privacy and security regulations.

The Security and Privacy Counsel will report to the Director and Managing Counsel, Privacy as part of the Ethics and Compliance Department.

Essential Duties and Responsibilities

  • Partner closely with the security, product, service delivery, sales, and marketing departments to assess potential data, privacy and security risks and regulatory controls and governance for Rimini Street and client products and technologies.
  • Ensure Rimini Street’s cybersecurity controls comply with Rimini Street’s policies and procedures, as well as global regulatory requirements and vice versa.
  • Design strategy to align with internal and external security teams on, incident response, threat detection, containment, and mitigation.
  • Align and merge Rimini Street’s privacy and security policies for mutual support and simplicity.
  • Review and provide guidance and legal support on security plans and audits.
  • Develop and maintain effective policies, procedures, and documentation to demonstrate compliance; and further develop integrated strategies across Rimini Street to optimize new data use and innovations for customer benefit.
  • Advise on the continued development and improvement of policies and procedures, supporting all aspects of Rimini Street’s incident response and security program.
  • Help influence and shape data security and incident management, cross border data flows, and support for regulated data and spaces.
  • Provide legal analysis, cross-jurisdictional comparison, and other resources to the company’s Question and Answer database, contracting playbooks, and sales enablement platforms.
  • Review laws and guidance to provide advice to Privacy team, as well as Legal and Ethics and Compliance departments.
  • Contribute to, help manage, and support Privacy team initiatives and operations, as needed.
  • Qualifications/Skills/Experience

    Education

  • J.D. degree and membership in at least one state bar preferred.
  • Location

  • Remote - U.S.
  • Required Experience, Skills and Attributes

  • Minimum 3-5 years of relevant privacy experience working with privacy laws and principles and relevant cybersecurity experience (including prior in-house or law firm experience) supporting threat detection, investigation, containment and mitigation
  • Experience with information security standards, frameworks, risk assessments, and certification processes (e.g., SOC 1, 2 & 3, ISO/IEC 27001, 27002 & 27005, NIST, etc.)
  • Experience with both US and global cybersecurity laws, regulations, and standards
  • Proven track record of advancing large, sophisticated projects.
  • Ability to communicate effectively with all levels of the organization.
  • Strategic problem solver with excellent legal and business judgment including demonstrated experience assessing information for risk mitigation opportunities.
  • A meticulous, business-friendly teammate who can think creatively.
  • Strong understanding and experience with both domestic and international privacy and security requirements.
  • Exceptional interpersonal skills with a great sense of humor and commitment to professionalism.
  • Experience working collaboratively and effectively with cross-functional teams.
  • Preferred Experience, Skills and Desired Attributes

  • One or more privacy or security certifications
  • Experience maintaining and or collaborating on a knowledge base
  • Familiarity with software development, tech, security, privacy or IP industry
  • Comfortable working remotely from a home office
  • Experience supporting an internal sales organization
  • Inherent respect for a variety of cultures
  • Openness and interest in international legal standards
  • #LI-Remote 

       
    Apply

    There is something wrong with this job ad? Report the error