Who You Are:
What You'll Do:
How You Will Succeed:
- In conjunction with the General Counsel, develop and lead on strategic aspects of privacy, security, and compliance laws and their applicability to Formstack operations and agreements.
- Develop and maintain policies, workstreams, strategies, and tactics for Formstack privacy, security, and compliance program and contracting process.
- Collaborate across the organization to design and implement enhancements to our global privacy, security, and compliance program, to embed global privacy, security, and compliance best practices, standards, and guidance, as well as to manage incident response processes.
- Review and negotiate agreements to ensure that contracts meet all requirements, policies, and practices, ensuring successful and timely implementations.
- Working closely with members of Formstack Sales and Support Teams, further develop privacy templates and playbooks for commercial transactions globally, and act as a source of expertise for privacy and data protection issues in the team.
- Advise on key privacy and data protection risks and devise effective risk minimization strategies and compliance initiatives.
- Advise on and negotiate complex data protection/privacy provisions within Formstack’s external agreements.
- Identify requirements of applicable data protection laws and regulations and coordinate to ensure proper data processing and transfer between jurisdictions.
- Evaluate projects involving personal data, ensure data registries are updated, conduct privacy impact assessments, develop practical risk mitigation strategies, and communicate clear requirements to stakeholders.
- Build strong relationships of trust and confidence with internal and external stakeholders to ensure early engagement and align business activities with Formstack policies, legal requirements, and best practices.
- Continuously develop skills and knowledge of the compliance landscape and relevant industries through research, due diligence, training, benchmarking, and other means.
What We Are Looking For:
- Juris Doctor (“JD”) degree from an ABA-accredited law school
- 5-10 years of direct experience in privacy, security, and compliance program management in a consumer-facing corporate environment or negotiating technology-related contracts preferred
- Experience advising on privacy and data protection, with an understanding of key global privacy regimes, in particular in GDPR and CCPA/CPRA
- Experience negotiating complex commercial contracts
- Strong drafting, analytical, and critical thinking skills as well as commercial acumen
- Fully fluent and able to draft contracts in English
- Excellent legal and business judgment to communicate effectively with all levels of the organization.
Competitive health plans, Dental, Vision, Disability, and Life Insurance Benefits for US and Canadian full-time employees.- Monthly Health & Wellness and Technology stipends
- Half-day Fridays
- Unlimited PTO for all employees.
- 401k & Roth w/ safe harbor match (the US and Canada)
- The most up-to-date technology, including company-issued Macs, the latest software, and other tools needed to excel at your job
- Company-paid conferences and extended learning opportunities
- Yearly company and team gatherings
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every qualification. Formstack is dedicated to building a diverse, inclusive, and authentic workplace. if you’re excited about this role, but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Formstack is an equal-opportunity employer. We are passionately committed to equitable hiring and boldly dedicated to diversity in our work and staff. We do not discriminate in employment opportunities or practices based on actual or perceived race, color, religion, national origin, sex (including pregnancy, childbirth, or related conditions), age, marital status, sexual orientation, gender identity or expression, veteran status, uniform service member status, disability or any other characteristic protected by law. Women, people of color, bilingual and bicultural individuals, LGBTQ+ persons, and people with disabilities are encouraged to apply.
All data collected in our application process, from resume collection to application questions, is used for recruitment purposes only. We will store it in our applicant tracking system, Lever, and will not share this data with anyone else. We will keep your data until the role is filled and only continue to store it if we feel you may fit future roles.