Title:  Director, Legal

Job Summary

As Director, Senior Privacy Counsel for NetApp, you will lead NetApp’s global Data Privacy and Governance team reporting to the Vice President, Chief Privacy Officer.  You will be responsible for developing and implementing NetApp’s privacy compliance program worldwide to build trust with our customers and stakeholders. In conjunction with product counsel, you will advise on data privacy compliance as it relates to NetApp’s products and services and actively engage with and manage our global privacy champions program to help scale privacy operations in compliance with applicable laws.  You will be responsible for assessing privacy operations to determine regulatory risk and educating and advising our employees on data privacy, cybersecurity, and data governance legal compliance. 
Our legal department is change and innovation-oriented and seeks to hire top notch leaders around the world with deeply aligned values and a desire to win!

At NetApp Legal, we believe our team should be a role model for the company’s values and culture, and can create competitive advantage for NetApp through partnership, service, and integrity.  We also believe in having fun while we are at it.
 

Job Requirements

This is not an exhaustive listing of job functions. The Director will perform other duties as assigned by the Vice President, Chief Privacy Officer.  Your responsibilities will include:

•    In conjunction with the Vice President, Chief Privacy Officer, develop the strategy for privacy compliance with respect to privacy policies and procedures, training plans, testing and monitoring plans, metrics and risk assessments, and other operational activities. 
•    Lead Netapp’s Data Privacy and Governance Team, including defining personal goals and performance management of the group, fostering a culture of inclusion and belonging, and building a cohesive and collaborative team.
•    Serve as subject matter expert in data protection, privacy, and data governance laws for NetApp’s product and commercial counsel and stakeholders within various business units.
•    Establish strong working relationships with legal department colleagues and key leaders in NetApp business units.
•    Raise awareness of privacy issues and help create a culture of privacy compliance and data governance awareness, including through management of the privacy champions program.
•    Advise on and maintain documentation of data protection impact assessments, privacy assessments, transfer impact assessments, cross border data flows, data subject requests, and privacy incidents across a global organization. 
•    Perform privacy assessments of new and existing products and services, tools and processes using risk-based prioritization and automation tools.  
•    Support M&A activities and follow up integration related to privacy, cybersecurity, and data governance due diligence and obligations.
•    Develop and deliver privacy training across the organization.
•    Develop content addressing legal and regulatory requirements of interest to our customers, partners, and stakeholders for Trust Center publication (SIG, CAIQ-lite, HIPAA, FinServ, etc). 
•    Develop and maintain policies, processes, playbooks, trainings, and reference materials relating to privacy requirements to support sales and sales operations.
•    Act as DPO for Germany and other EEA countries, as may be required. 
 

Education & Skills

The successful candidate’s profile shall ideally include:

•    Law degree and 5-7 years’ experience in a combination of private practice and in-house counselling. 
•    Licensed to practice law in the U.S. or EEA and in good standing with the relevant licensing authority. 
•    Expertise in global privacy laws, including frameworks and standards relied on by regulatory bodies. 
•    Expertise in global cybersecurity, data protection, and data governance laws.
•    Keen business sense and ability to distill legal theory to practical advice.
•    Experience in operationalizing global data privacy requirements.
•    Highly analytical with strong attention to detail.
•    Ability to communicate with intention both speaking and in writing, including to executives.
•    Ability to thrive in a high performance, fast-paced environment and to multitask, prioritize effectively and meet deadlines.
•    Team-oriented, with a good sense of humor and high level of integrity, responsibility and professionalism, and the ability to build relationships and collaborate across functions. 
•    Commitment to diversity, inclusion, and belonging.

Candidates with the following skills and experience are preferred:

•    Familiarity with industry standards relating to information systems management and security controls, such as NIST Risk Management Framework, ISO 27001, NIST 800-53, and SOC 2.
•    Experience in-house with an IT or technology company covering multiple jurisdictions, including at least the US and EEA.
•    Knowledge and experience with enterprise cloud privacy risks.
•    Understanding of legal risks in supply chains for software and cloud services.
•    Familiarity with OneTrust platform.

 NetApp has a flexible hybrid working model supporting working from home, the office or a combination of the two.