Director & Counsel, Data Protection & Policy Remote, Germany

Company: CrowdStrike

About CrowdStrike:

CrowdStrike started with a mission to revolutionize the entire approach companies take to security. CrowdStrike has disrupted the multi-billion-dollar endpoint security market with innovative technology, services delivery, and intelligence gathering.  Our groundbreaking technology ensures that organizations can not only defend themselves but also do so in an efficient and future-proof manner. Today, the company continues to drive major innovations around AI/machine learning, behavioral-based prevention and detection, stay ahead of adversaries.   We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies.  

We have raised significant financing and received a number of exciting awards including:

  • March 2019: Named Leader in the Forrester Wave: Cybersecurity Incident Response (IR) Services Q1 2019 report.
  • September 2018: Named to Forbes 2018 Cloud 100, the definitive list of the top 100 private cloud companies in the world.
  • June 2018:  Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3.3 billion.
  • May 2018: CNBC Disruptor 50 List Second Year in a Row.
  • April 2018:  CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.

About the Role 
The is a newly created cross-functional position on our privacy team. As Privacy Counsel, you will work remotely, reporting directly to our VP & Counsel of Privacy & Cyber Policy to facilitate and maintain CrowdStrike’s data protection initiatives, with a particular focus on applicable German and EU member state laws. Your responsibilities will include conducting data protection impact assessments and providing practical legal advice on data protection compliance and best practices related to internal business operations, including marketing campaigns, website development, vendor selection, and employee privacy.

Additional responsibilities

  • Maintain records of personal data processing activities and respond to data subject requests.
  • Develop and conduct privacy training and interact with employees at all levels of the organization and relevant third parties to build awareness on the importance of data protection compliance.
  • Conduct data protection impact assessments, assist our security compliance team as needed with vendor assessments, audits, and investigations.
  • Assist with monitoring of compliance with applicable data protection requirements.
  • Monitor legal and regulatory changes that impact CrowdStrike’s business and regularly update the data protection program based on emerging risks and best practices.
  • Serve as knowledgeable internal data protection, employee privacy, and consumer protection resource with subject matter expertise in German and EU law on a wide range of key areas, including GDPR, BDSG, German Telecommunications Act, anti-spam laws, and the E-Privacy Directive.
  • Draft privacy policies and notices, data protection agreements, and practical legal guidance.
  • Proactively identify opportunities for improvement and create data protection solutions across various areas of the business.
  • Collaborate with CrowdStrike’s Legal team as needed to assist with negotiations, improve agreements, and share knowledge.
  • Occasionally interact with customers to facilitate understanding of CrowdStrike’s data protection compliance.

What You’ll Need 

  • Full qualification as a German attorney, including university degrees in German law and successful passage of 1st and 2nd state examination.
  • 2-5 years data protection law experience working with a law firm or as in-house counsel.
  • Professional fluency in German and English.
  • Knowledge of GDPR, BDSG, German Telecommunications Act, E-Privacy Directive, anti-spam and other workplace privacy and consumer protection laws.
  • Awareness of global privacy laws, data localization laws, and best practices.
  • Understanding of cloud-based SaaS technologies, cybersecurity, digital marketing, big data analytics, and general business operations.
  • Knowledge of Data Protection Authorities, international data transfer mechanisms, and regulatory obligations.
  • Ability and willingness to tackle other areas of privacy law as needed.
  • Team player who welcomes responsibility and thrives in an intense, fast-paced environment.
  • Resourceful self-starter who enjoys wearing multiple hats and digging into challenging projects, big and small.
  • Experience in operationalizing data protection programs and implementing practical solutions across departments.
  • Ability to effectively communicate legal and compliance issues verbally and in writing in a clear and understandable manner; strong interpersonal skills.
  • Demonstrated ability to be proactive, exercise independent judgment and strong work ethic.
  • Ability to travel and work varying hours to accommodate global workforce, as needed.

Bonus Points:

  • Experience working with diverse cultures. 
  • Experience working remotely.
  • Experience working in a startup environment, in cybersecurity, in technology, or in a SaaS company.
  • Experience interacting with data protection regulators.
  • Fluency in additional languages.

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits
  • Paid paternity and maternity leave, including adoption
  • Flexible work hours and remote friendly environment
  • Wellness programs
  • Peer recognition
  • Inclusive culture focused on people, customers and innovation
  • Regular team activities, including happy hours, community service events 

 CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industries best and brightest from a diverse talent pool. 

 CrowdStrike is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. 

Vacancy page :