Senior Counsel, Cybersecurity and Incident Management
Dropbox
Dropbox is a Virtual First company. For this role, we are currently only authorized to hire candidates from the following provinces: Alberta, British Columbia, Ontario, and Saskatchewan.
Company Description
Dropbox is a special place where we are all seeking to fulfill our mission to design a more enlightened way of working. We’re looking for innovative talent to join us on our journey. The words shared by our founders at the start of Dropbox still ring true today. Wouldn’t it be great if our working environment—and the tools we use—were designed with people’s actual needs in mind? Imagine if every minute at work were well spent—if we could focus and spend our time on the things that matter. This is possible, and Dropbox is connecting the dots. The nearly 3,000 Dropboxers around the world have helped make Dropbox a living workspace - the place where people come together and their ideas come to life. Our 700+ million global users have been some of our best salespeople, and they have helped us acquire customers with incredible efficiency. As a result, we reached a billion dollar revenue run rate faster than any software-as-a-service company in history. Dropbox is making the dream of a fulfilling and seamless work life a reality. We hope you’ll join us on the journey.
Team Description
Our Legal, Policy, Trust & Privacy teams help keep users and their stuff safe, protect Dropbox, counsel Dropboxers on challenging problems, and are always synced with the Dropbox teams they work with. We deal with novel issues every day while standing up for users and helping the company and product grow.
Role Description
As Senior Counsel, Cybersecurity and Incident Management, you will lead Dropbox’s incident response program and be responsible for cybersecurity counseling. This fast-paced role includes complying with global data breach notification laws, complying with cybersecurity rules and regulations, engaging with regulators, and advising on a wide range of legal issues that impact all aspects of Dropbox’s business. You will also help coordinate a global program that promotes user trust and facilitates company-wide responses to customer- and employee-impacting events. If you are passionate about security, privacy, and incident response, and thrive in an environment of uncertainty, then this role is for you.
Responsibilities
- Investigate and assess security and privacy incidents, analyze legal responsibilities, and drive legal and regulatory responses.
- Lead, and provide legal support to, Dropbox’s incident response program, which deals with a wide range of business issues beyond security and privacy.
- Coordinate a team of on-call business managers that provide 24/7 support to incidents, and manage one incident response attorney.
- Engage and coordinate with leaders and executives throughout the company to respond to business-impacting incidents.
- Provide sophisticated advice to engineers working on security, threat intelligence, and abuse issues.
- Ensure compliance with global cybersecurity laws.
- Promote and foster a culture of trust within and outside of Dropbox.
Requirements
- 5+ years of post-JD legal experience, ideally with experience counseling privacy, security, breach notification, and incident response matters.
- Strong understanding of, and experience with, domestic and global breach notification and cybersecurity laws, including GDPR, HIPAA, US state breach laws, and SEC cybersecurity disclosure rules.
- Familiarity with technology and the ability to interact with highly-technical engineers and security personnel.
- Willingness to support incident response outside of traditional business hours.
- Great people skills and ability to work well in a fast-paced team environment with a wide range of technical and non-technical teams.
- Excellent writing, communication, and organizational skills.
- JD, admitted to a US state bar, distinctive academic record.
Preferred Qualifications
- Basic knowledge of SQL or other query/programming languages is a plus.
- Previous experience at a tech company.
- Previous management experience.
Compensation
The range listed above is the expected annual salary/OTE for this role, subject to change.
Salary/OTE is just one component of Dropbox’s total rewards package. All regular employees are also eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs).
Benefits
Dropbox is committed to investing in the holistic health and wellbeing of all Dropboxers and their families. Our benefits and perks programs include, but are not limited to:
- Competitive medical, dental and vision coverage*
- Retirement savings through a defined contribution pension or savings plan**
- Flexible PTO/Paid Time Off policy in addition to statutory holidays, allowing you time to unplug, unwind, and refresh
- Income Protection Plans: Life and disability insurance*
- Business Travel Protection: Travel medical and accident insurance*
- Perks Allowance to be used on what matters most to you, whether that’s wellness, learning and development, food & groceries, and much more
- Parental benefits including: Parental Leave, Fertility Benefits, Adoptions and Surrogacy support, and Lactation support
- Mental health and wellness benefits
Additional benefits details are available upon request.
*Where group plans are not available, allowances may be provided
**Benefit, amount, and type are dependent on geographical location, based upon applicable law or company policy