Senior Corporate Counsel - Cybersecurity

Secure Every Identity, from AI to Human

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

Senior Corporate Counsel – Cybersecurity 

Accelerate your career by joining Okta, the World’s Identity Provider, as a member of our Cybersecurity & Privacy Legal team. We free everyone to safely use any technology — anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. As Senior Corporate Counsel – Cybersecurity, you will lead the cybersecurity legal team, helping build a scalable global cybersecurity practice. You will apply your experience when providing legal guidance on cybersecurity and privacy issues and drafting and negotiating information security exhibits, data processing addenda and related commercial documents with some of the biggest names across every industry that trust Okta to help their organizations work faster, boost revenue, and stay secure. You will work on cutting-edge projects in a cloud-first, SaaS environment where you can apply your experience providing strong legal support to help Okta deliver world-class products to our thousands of global customers.

Responsibilities:

• Lead a team of talented, high-performing cybersecurity legal professionals and serve as a point of escalation to provide cybersecurity legal expertise and guidance to executives, cross functional leaders and other stakeholders throughout the organization.
• Advise, draft and negotiate cybersecurity and privacy terms associated with outbound cloud service Master Subscription Agreements, Information Security Exhibits, Data Processing Addendums and other documentation related to sales transactions, while partnering closely with Okta’s Commercial Legal team.
• Provide day-to-day legal support surrounding cybersecurity and privacy-related contract requests and respond promptly and effectively to legal requests from internal clients with pragmatic and business-oriented guidance.
• Provide advice and guidance to Okta Security, Engineering, Product, executives, and other stakeholders on compliance with applicable security and privacy laws and regulations, such as the General Data Protection Regulation, United States’ federal and state regulations, security/privacy by design, frameworks and industry certifications.
• Support the investigation of potential security and privacy incidents, including analyzing relevant legal and regulatory responsibilities, and providing guidance to internal clients on mitigation, remediation and resolution efforts.
• Develop, implement and maintain standards, processes, runbooks and guidance surrounding cybersecurity and privacy-related issues for Go-to-Market transactions, and partnering closely with members of the Legal, Security, Compliance and Engineering teams, among other key stakeholders. 
• Build critical relationships in order to effectively provide practical and strategic advice to assist the business in meeting its objectives, while ensuring information security and privacy compliance. Advise on recommended courses of action and legal risk, with the ability to judge when to escalate identified issues as appropriate.
• Assist in the maintenance and review of various security and privacy programs and processes, including updates to security and privacy policies, plans, procedures, standards, certifications and customer-facing security and privacy documentation.
• Support the procurement team in drafting and negotiating cybersecurity and privacy terms associated with vendor agreements.
• Maintain an understanding of technical controls and assist in the creation of audit and monitoring frameworks to support stable, controlled operations.
• Review cybersecurity and privacy-related marketing and other external communications content for accuracy and completeness. 
• Support the management of outside counsel and consultants, and contribute to other interesting legal projects, as needed.

Required Skills and Experience: 

• 8+ years of relevant law firm and/or in-house experience, including at least 2 years working primarily on cybersecurity and privacy-related transactional matters, preferably at a SaaS technology company. 
• Familiarity and comfort with the culture of a fast-paced enterprise software company and knowledge of SaaS products.
• Experience working with highly-regulated customers, especially those in the financial services industry, preferred.
• Excellent written and verbal communication, presentation, drafting and negotiation skills.
• Sound and practical legal and business judgment, as well as the ability to think strategically and develop strong working relationships with key internal clients.
• Knowledge in global security, privacy and data protection frameworks, including NIST, ISO, FedRAMP, PCI-DSS, GDPR, CCPA, CPRA and HIPAA.
• Ability to maintain strong working relationships with a variety of internal clients and business partners from a variety of functions. 
• A self-motivated individual with grit who takes initiative and is comfortable rolling up their sleeves. Team-oriented with a sense of humor and high emotional intelligence. Ability to organize, prioritize, and manage deadlines.
• Strong academic background and J.D. from highly-regarded school, active bar admission.

#LI-Hybrid

#LI-KC4

(P24905_3376880)

Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: .   

The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between: $212,000—$292,000 USD

The Okta Experience

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please  use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please  click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at  .