Job Description:
Airbnb is seeking a business-oriented attorney with substantial experience in global cybersecurity laws to join our legal team.
You will be responsible for providing cybersecurity legal support and advice to Airbnb’s global teams and for supporting our Chief Information Security Officer. You must have substantial experience in cybersecurity law, excellent judgment in balancing legal risks with business strategy and a proven ability to function independently in a demanding fast-paced environment. We’re looking for a highly adaptable and collaborative person who can handle ambiguity and rapidly shifting priorities with flexibility, patience, and poise.
This position is US – Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. Airbnb,Inc. can employ in states where we have registered entities. Currently, employees can not be located in: Alaska, Indiana, Nebraska, North Dakota, Ohio, South Dakota, Wisconsin, Alabama, Mississippi, Oklahoma, Delaware and Rhode Island. This list is continuously evolving and being updated, please check back with us if the state you live in is on the exclusion list. If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from.
Primary Responsibilities:
- Assist with the legal response to product vulnerability and information security matters.
- Provide counsel on cybersecurity breach notification and other risks and obligations that flow from network intrusions.
- Counsel IT, information security, and business unit stakeholders regarding the development and implementation of cybersecurity and network incident response plans, bug bounty programs, penetration testing, and compliance with regulations and industry standards regarding network security.
- Advise on secure cross border data transfers per applicable global data protection laws.
- Assist on the drafting and presentation of cybersecurity compliance presentations, exercises and training for the global information security team and the company at large.
- Maintain significant knowledge of the GDPR, Brazilian LGPD, China Cybersecurity Law, and U.S. state and federal information security and cybersecurity laws and regulations.
US Located Required: Yes
Location: Remote
Schedule: Full time
Salary: USD 225K – 280K
