Senior Legal Counsel, Data Protection

LegalRemote, Washington D.C. Plano, Texas Durham, North Carolina Georgia


Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work. If you become a Splunker, we want your whole, authentic self - what we call your "million data points". So bring your work experience, problem-solving skills, and talent, as well as your joy, your passion, and all the things that make you, you.
Role Summary
We seek an experienced Security and Incident Response Legal Counsel to join our Data Protection Legal team within our Innovation Legal group. The successful candidate will be an attorney with expertise in security advisory and incident response (cyber, physical, operational). You will work closely with members of Splunk’s Global Security team and Product & Technology teams to manage incident response, advise on numerous security / resilience issues, drive operational improvements, and create programs and resources for various partners within the business. The role will report to Splunk’s Director, Data Protection for Resilience, Trust, and Security. Splunk is based in the San Francisco Bay Area; for this position, we need an attorney based in the U.S. Eastern timezone, preferably licensed to practice law in the United States.
What you'll get to do
  • Manage legal-side handling of incidents, whether arising from cybersecurity events, physical security events, or operational events, and whether discovered through customer escalations or internal or external threat detections - in partnership with various incident command centers in the business. This includes:
    • identifying potential legal risks related to such incidents and how to mitigate them
    • explaining to internal team members what notifications may be required (whether to customers, regulators, and/or individuals)
    • directing the creation of, or creating, any legal work product required for the incident
    • reviewing, or preparing, draft notifications, internal guidelines, and public postings about such incidents
  • Advise on (including creating/reviewing/editing) public posts/resources regarding:
    • Product vulnerabilities and their ramifications as well as mitigations/remediations
    • Service outages and their causes and remediations
    • Splunk’s security profile, security commitments, and supporting operations
  • Continually propose/advise on operational recommendations/legal requirements - based on staying a subject matter expert on direct or indirect security / resilience regulatory and technical certification requirements (including SOC2, ISO, HIPAA, PCI-DSS, and U.S. and various global federal regulations and guidelines on security / resilience, relating to critical services providers, and for the public sector, financial services sector, and health sector), customer demands, and industry trends - for business units focused on the following:
    • Product security programs and efforts, including secure software development lifecycle (SDLC), change management, access and user management, password management and authentication controls, encryption and key management
    • Threat detection and monitoring programs, efforts, and tools, including Splunk tool development and use of third-party tools, as well as threat intelligence sharing arrangements
    • Vulnerability management programs and efforts, including penetration and other security testing, bug bounty programs, etc.
    • Corporate and product-specific security policies, standards, and procedures, as well as on internal security testing, training and awareness programs and campaigns
    • Other security functions including physical security, human resources security, security architecture, security engineering, and vendor security
  • Create resources and trainings for the Legal and Field Sales organizations on key security / resilience topics, trends, and operations
  • Partner with Data Protection Legal Commercial colleagues to:
    • Advise on customer inquiries and escalations on security / resilience topics
    • Identify and draft amendments to security contractual terms and new templates or clauses as required
    • Create and provide training to Commercial Legal and Field Sales organizations on security / resilience topics


Must-have Qualifications
  • 10 years minimum experience in managing legal-side incident response, including relating to security and operational issues
  • 6 years minimum experience building data protection / security / resilience programs and shepherding supporting operations with the business
  • 4 years minimum experience advising on drafting and negotiation of contractual provisions relating to data protection / security / resilience, such as in Data Processing Agreements and Information Security Addenda
  • Foundational knowledge of security / resilience regulatory and technical certification requirements (including SOC2, ISO, HIPAA, PCI-DSS, and U.S. and various global federal regulations and guidelines on security / resilience, relating to critical services providers, and for the public sector, financial services sector, and health sector)
  • Good grasp of the commercial requirements of key data protection / security / resilience compliance programs in the EU/US/APAC (GDPR, CCPA, NIS2, DORA);
  • Experience with SaaS, cloud computing, and enterprise software (in-house experience strongly preferred)
  • Great ability to provide legal advice and appropriate level of detail when communicating with internal business stakeholders
  • Be proactive and demonstrate initiative, resourceful, and strong work ethic
  • Strong written and verbal communication skills in English, with ability to speak and write clearly and concisely with a flexible style adaptable to different needs globally
  • Excellent legal drafting, project management, communication and stakeholder management skills
  • Solid competence in Google Docs, Sheets, Slides, Word, Excel and PowerPoint
  • High EQ and a strong history of successful cross-functional collaboration with others
  • A passion for security / resilience and an interest in keeping up with industry and regulatory guidelines or requirements that relate to Splunk’s products, including a fundamental understanding of how certain regulations apply to key service providers
  • Familiarity and interest in emerging technologies such as artificial intelligence, network and cyber security, infrastructure resiliency and cloud computing

Splunk is an Equal Opportunity Employer
At Splunk, we believe creating a culture of belonging isn’t just the right thing to do; it’s also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.



Base Pay Range

SF Bay Area, Seattle Metro, and New York City Metro Area

Base Pay Range: $216,000.00 - 297,000.00 per year

California (excludes SF Bay Area), Washington (excludes Seattle Metro), Washington DC Metro, and Massachusetts

Base Pay Range: $194,400.00 - 267,300.00 per year

All other cities and states excluding California, Washington, Massachusetts, New York City Metro Area and Washington DC Metro Area.

Base Pay Range: $174,400.00 - 239,800.00 per year

Splunk provides flexibility and choice in the working arrangement for most roles, including remote and/or in-office roles. We have a market-based pay structure which varies by location. Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location as set out above, as well as the knowledge, skills and experience of the candidate. In addition to base pay, this role is eligible for incentive compensation and may be eligible for equity or long-term cash awards.

Benefits are an important part of Splunk's Total Rewards package. This role is eligible for a competitive benefits package which includes medical, dental, vision, a 401(k) plan and match, paid time off and much more! Learn more about our comprehensive benefits and wellbeing offering at

Thank you for your interest in Splunk!