Corporate Attorney

NetApp is seeking a Corporate Attorney with a primary focus on security, privacy, and procurement. This role will be responsible for advising on cybersecurity incident response, compliance with global cybersecurity laws, industry and government certifications, security-by-design initiatives, regulatory support, and procurement-related legal matters. The ideal candidate will develop and enhance NetApp's legal security framework in an evolving cybersecurity landscape.

This role is a hybrid position that requires two days a week in office at one of our NetApp offices:San Jose, CA; Washington D.C. metro area; Boulder, CO; or RTP, NC.

• Lead cybersecurity incident response efforts, working closely with Security, Engineering, Support, and Legal teams, as well as external counsel, to ensure effective investigation and mitigation
• Assist in the development and maintenance of a security incident and vulnerability response program, addressing threat detection, investigation, containment, and mitigation
• Guide NetApp in achieving and maintaining industry security certifications and standards (public and private sectors)
• Support NetApp's sales organization in navigating regulated markets with elevated cybersecurity requirements
• Partner with the public sector security legal team to address cyber-related federal regulations
• Ensure compliance with global cybersecurity laws such as NIS2 and DORA
• Collaborate with Security, Product, and Marketing teams to review security-related public statements.
• Provide security-by-design product counseling, ensuring legal compliance and best security practices from the outset
• Advise NetApp's commercial legal teams on cybersecurity-related contract negotiations for customers, partners, and vendors
• Support procurement and IT legal matters, advising on contractual obligations, risk mitigation, and regulatory compliance associated with vendor security policies and third-party security agreements.

• 8+ years of experience as a practicing cybersecurity attorney, preferably in the tech industry
• In-depth knowledge of security frameworks and compliance standards (e.g., NIST 800-53, NIST 800-71, ISO 27001, SOC 1, SOC 2)
• Strong understanding of U.S. cybersecurity laws (e.g., CFAA, CIS Act, ECPA) and familiarity with global cybersecurity standards
• Experience with procurement legal matters, including vendor security compliance and risk assessment
• Excellent communication and interpersonal skills to collaborate across multiple teams
• Ability to manage multiple priorities in a fast-paced environment

This is a unique opportunity to shape a brand-new role within NetApp and have a direct impact on the company's cybersecurity and procurement legal strategy. You'll work closely with cross-functional teams in a dynamic and innovative environment, addressing some of the most pressing security and procurement challenges in the industry. If you thrive in fast-moving, high-impact roles and are passionate about cybersecurity and procurement law, we encourage you to apply!

• BA/BS and JD from an accredited law school with 8+ years of relevant experience

#Sponsor