Summary: Meta is seeking a highly motivated counsel to lead its global cybersecurity legal team and advise the company on a broad range of security initiatives for Meta. The role will support Meta’s security teams (X-Sec) while working closely with business, engineering, operations, policy, and product teams, as well as other teams across Meta Legal.The position will be responsible for counseling our X-Security and Governance, Risk and Compliance (GRC) teams as we pursue our objectives of maturing our security capabilities at scale; identifying and addressing our top security risks (including data access management, potential compromise of Meta data and systems, and security of our AI products and models);meeting and exceeding our legal and regulatory compliance obligations (including SEC Rules, NIS2, FTC, and other existing and emerging global regulatory regimes); and enabling the company to continue to deliver on our product roadmap. This position will also serve as a critical leader for the company’s Regulatory Readiness function for cybersecurity.Required Skills: Director and Associate General Counsel, Cybersecurity Responsibilities:
Lead a global team of experienced attorneys in building and maintaining a best-in-class cybersecurity legal function for Meta
Provide mission-focused legal advice to the CISO and X-Sec and Global Risk Compliance leadership and teams as it relates to managing cybersecurity risks and compliance with global cybersecurity laws and regulations
Oversee outside counsel engagements relating to our cybersecurity program and matters
Ensure our cybersecurity systems and controls comply with global regulatory requirements and serve as a critical leader for our overall Regulatory Readiness processes
Review and provide guidance on security plans and audits, such as SOC2 and SOC3 certifications, as well as GRC programs and controls testing
Build, support, and improve incident detection and response processes
Provide support and counsel during cybersecurity-related investigations
Provide legal support to those teams protecting Meta and our users from abuse by malicious actors
Support the defense of Meta in legal and regulatory engagements and matters relating to cybersecurity
Support security programs concerning MFT security, our AI models and systems, Reality Labs and the metaverse, red teams, Bug Bounty, third party assessments, location-based risk, infrastructure and data centers, and subsea cables.
Minimum Qualifications: Minimum Qualifications:
J.D. (or foreign equivalent) and active membership in at least one bar jurisdiction
12+ years of legal experience, including substantial work in cybersecurity
10+ years people management experience including managing leaders and managing remotely across regions, proven track record of attracting, scaling and developing teams
Experience communicating effectively to all levels of the organization, including executives
Experience conducting and supporting global incident response processes and cybersecurity investigations
Global regulatory experience, including with GDPR, NIS/NIS-2, SEC, FTC, and state regulatory regimes
Preferred Qualifications: Preferred Qualifications:
Experience working with law enforcement and/or intelligence community authorities
Experience managing, investigating and/or prosecuting cybersecurity matters
In-house counsel experience
Experience working with regulators, data protection authorities, financial institutions, and/or Internet industry associations
Experience with cybersecurity standards, frameworks, risk assessments and certification processes, e.g., SOC 1, 2 & 3, ISO/IEC 27001, 27002 and 27005, NYDFS, and/or the NIST Cybersecurity Framework
Experience working on policy issues related to cybersecurity, investigations, and privacy
Public Compensation: $352,000/year to $407,000/year + bonus + equity + benefitsIndustry: InternetEqual Opportunity: Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at [email protected].