Associate Counsel, Privacy - Code.org : Job Details

Code.org is looking for an Associate Counsel, Privacy with significant data privacy and security experience in an online product-focused environment; meaningful experience with US and international privacy (e.g., GDPR) and/or K-12 education technology are strongly preferred. In this role, you will lead Code.org's privacy work to ensure we comply with all applicable domestic and international legislation (e.g., student privacy, donor privacy, etc.) and regulatory requirements and support the organization's data security team. Additionally, you will manage Code.org's day-to-day legal needs by providing strategic advice and guidance on a variety of legal issues, such as service provider reviews, contract negotiations, and legislative analysis. As the sole in-house legal role, this is a hands-on position with high visibility and interaction across Code.org teams.

In this role you will:

• Work closely with internal Code.org stakeholders (leadership, product, education, engineering, and security teams) to develop and maintain Code.org's approach to state, federal, and international data privacy and security laws and regulations governing the collection, storage, transmission, and usage of user data (with an emphasis on K-12 education and educational technology products)
• Obtain a deep working knowledge of Code.org education platform operations and apply that knowledge to support product design and to advocate and negotiate privacy/data protection agreements with external parties
• Create and maintain internal and public-facing privacy policies and operating procedures
• Monitor global privacy trends and legislative/regulatory activity in the privacy and data arena
• Communicate with the product, education, and engineering/security teams to assess the impact of new privacy and security laws and regulations
• Provide advice to leadership and relevant internal teams to mitigate data privacy risks, incorporate privacy-by-design and privacy-by-default principles, and ensure alignment with applicable legal requirements and data protection policies and best practices
• Provide legal expertise and advice on a variety of matters, liaising with Code.org's General Counsel (external firm) as needed
• Develop, review, and negotiate Code.org contracts, including donor agreements, service provider agreements, contractor and partnership agreements, data privacy agreements, and licensing agreements
• Track and manage contracts
• Respond to inbound privacy, security, and data-related legal questions
• Provide mandatory staff training and education resources on relevant privacy and security issues and practices
• Maintain and expand Code.org's Trademark inventory in coordination with outside counsel
• Manage key relationships and represent Code.org's interests in the student data privacy community

We seek candidates who have:

• A JD degree and a U.S. state bar membership in good standing
• A minimum of 5 years of combined experience as an attorney (law firm, government, in-house) with a practice emphasis on data privacy and security
• CIPP(US) privacy certification
• Demonstrated experience in evaluating and balancing legal and business risks and providing actionable legal and risk mitigation advice in a fast-paced, ambiguous, informal work environment
• Demonstrated ability to clearly and succinctly explain legal issues to non-legal audiences
• Demonstrated experience driving, prioritizing, and effectively managing cross-functional initiatives, and an ability to work both independently and with multi-stakeholder teams
• Demonstrated experience with contract negotiation and drafting
• Working knowledge (through practice in previous roles) of key data privacy laws and concepts, including FERPA and state student privacy laws, COPPA, CCPA/CPRA and other generally applicable state privacy laws, FTC Act, and GDPR
• Experience with, or willingness to quickly learn, the student data privacy and K-12 education technology privacy environment
• Excellent communication skills and strong attention to detail
• Exemplary personal and professional integrity, sound and practical business judgment, and strong ethical compass; exercises discretion and maintains confidentiality of sensitive information.

We prefer candidates who also have:

• Privacy program management experience
• CIPP(EU) privacy certification
• Significant experience with international data privacy issues (including with GDPR data processing agreements and cross-border transfers)
• Significant experience in an online product focused environment
• Significant experience in the K-12 education technology space

In addition, candidates must:

• Be a U.S. Citizen or Permanent Resident
• Be located in the United States
• Pass a pre-employment background check
• Be willing to travel a minimum of two times per year for team events

Step 1: Informational Interview - learn more about the role and share your experience (30 minutes)Step 2: Homework (~3 hours)Step 3: Interviews with several members of the Code.org team (~3 hours)Step 4: Final Interview (1 hour)Step 5: Reference Checks

All interviews are currently being conducted virtually via Zoom

Our team will review all applications on an ongoing basis and if we believe your qualifications would make a great fit, we'll contact you to schedule an informational interview.

The expected salary range for this position is $125,100 - $139,000. The actual offer will be at the company's sole discretion and determined by relevant business considerations, including the final candidate's qualifications, years of experience, and skillset.