Rapid7 is helping organizations around the globe advance securely. Our technology, services, and community-focused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. With more than 8,500 customers across 120 countries, Rapid7 is a recognized leader in cybersecurity that has proudly earned numerous industry accolades and strong recognition for our technology and culture. Learn more at www.rapid7.com
As Senior Legal Counsel, Corporate, you will provide guidance and direction in the development, implementation, and maintenance of consistent, company-wide compliance with applicable laws, regulations, and policies related to privacy and export matters. As part of these efforts, you will work with cross-functional partners to drive the continued implementation of Rapid7's privacy and data compliance program, including developing and enhancing corporate privacy policies and business-specific processes and procedures related to privacy. You will serve as the subject matter expert to the company on issues of privacy and export, providing expert advice and strategic operational guidance to all functions across the company.
In this role you will:
Provide counsel, strategic advice and business guidance on privacy and export matters, including compliance with laws, regulations, industry standards, self-regulatory requirements, and best practices.
Understand the technologies that create export, privacy and data security challenges and work with cross-functional partners to address them.
Respond to customer, regulatory and employee inquiries on export, data privacy and data security.
Collaborate with other members of the Legal Team and business functions to analyze and assist with the review and negotiation of privacy and data security contract issues that arise in certain commercial transactions.
Partner with Information Security to manage the company's privacy, data security and data governance training and awareness programs, including development and execution of activities to promote awareness within the company.
Assist the Incident Response Team in the review and coordination of potential privacy or data security incidents, including investigations, notifications, and other resolution efforts.
Assist the Associate General Counsel in the execution and continuous improvement of Rapid7's privacy and data compliance program and other corporate and compliance activities as needed.
In return you will bring:
Admission to and in good standing with the Massachusetts bar (or equivalent with in house waiver/registration).
4-6 years of legal experience in the field of privacy/data protection • IAPP Privacy Certification such as CIPP or CIPM preferred.
Experience advising on customer, vendor and employee privacy/data protection strategies for international commercial organizations.
Very strong interpersonal and communication skills, including the ability to communicate effectively with a wide variety of people, collaborate with diverse business groups, and build interdepartmental relationships at all levels.
Excellent project and time management skills with the ability to handle multiple tasks of varied complexity, set priorities, meet deadlines, and develop process efficiencies where required.
Attention to detail and a “can-do” attitude coupled with a sense of humor and team mentality.