About the Position:
We are currently looking for an experienced Privacy & Security Counsel as the lead compliance expert for our business initiatives. We’re seeking a highly motivated, action-oriented privacy expert who is at ease providing data security and compliance guidance. We need a strong leader who can drive the execution of multiple business plans and projects, while partnering with the broader legal, product, and operations team. The successful candidate will be a security professional who is passionate about ensuring compliance as well as providing an exceptional customer experience.
As a Privacy & Security Counsel you will lead compliance and will have the following duties and responsibilities:
- Respond to vendor questionnaires and company RFIs.
- Help to define, maintain, and manage the security risk assessments we must ask our partners.
- Lead aspects of periodic review and update the compliance risk assessment in line with HIPAA, SOC2, and HITRUST. Make sure we’re staying compliant on our procedures.
- Identify areas of risk requiring the establishment or enhancement of internal controls, policies and procedures, products and/or services, and training associated with any compliance obligations.
- Assist in the development and maintenance of compliance training related to the corporate compliance program(s), and conduct any necessary training.
- Maintain an excellent technical knowledge of relevant regulations, keeping up to date with new developments and the latest regulatory position.
- As requested and directed, be responsible for overseeing and ensuring implementation of required operational changes to align with governing laws or regulations.
- Keep management and the compliance team informed and updated with progress.
- Ensure findings are recorded in appropriate systems and follow-up with the relevant individuals and management on the resolution and closure of open issues.
- Ensure that risk areas identified are documented and managed and that risks are escalated to the relevant Individuals.
- Diligently execute security & compliance projects as directed by the Chief Operating Officer or General Counsel.
- 3 years experience on U.S. (federal and state) privacy and cybersecurity laws
- JD or LLM excellent academic credentials
- Member of the California Bar
- CIPP-E and/or CIPP-US
- Comfort working in ambiguous or outdated areas of law
- Knowledge of privacy or cybersecurity-related financial services regulations such as GLBA, FCRA, and the NYDFS cybersecurity regulation
- The confidence to make quick and decisive decisions
- Demonstrated ability to lead and collaborate with cross-functional stakeholders
- Exceptional interpersonal skills
- Intellectual creativity and problem-solving skills that involve taking smart legal risks
- Extensive knowledge of data, technology and privacy innovation trends
What We Offer:
- Competitive Compensation
- Peer bonus system
- Health Benefits
- Flexible Time Off
- STD/LTD Benefits
- ID Theft Protection
- Company Events & Retreats
EaseCentral is an equal employment opportunity employer for all applicants and employees. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), gender identity, national origin, ancestry, citizenship, age, physical or mental disability, legally protected medical condition, family care status, veteran status, marital status, domestic partner status, sexual orientation, or any other basis protected by applicable local, state, or federal laws. When necessary, we also make reasonable accommodations for disabled employees and for pregnant employees who request an accommodation, with the advice of their health care providers, for pregnancy, childbirth, or related medical conditions.