Senior Corporate Counsel - Information & Product SecuritySan Mateo, Los Angeles, or San Diego (hybrid) - will require weekly onsite work*

As a Senior Corporate Counsel passionate about Information and Product Security, you will play a vital role in ensuring the legal compliance and protection of our company's sensitive information, intellectual property, customer data, as well as our products & services. As SIE’s primary cybersecurity attorney, your role involves offering legal guidance and support to our Information Security team, who lead all aspects of cybersecurity functions across SIE’s diverse range of offerings. You will also collaborate closely with other legal, technology, and business units to ensure the implementation of robust security measures and risk mitigation strategies.

Responsibilities:

• Legal Compliance: Stay abreast of relevant laws, regulations, and industry standards related to information security and cybersecurity. Advise and support the company in developing and implementing policies and procedures to align with these legal requirements.
• Support Corporate Information Security: Lead legal support for all of SIE’s corporate information technologies on cybersecurity matters.
• Support Product, Service and Network Security: Lead legal support for SIE’s products (e.g., PlayStation 5), services (e.g., PlayStation Plus), and PlayStation Network on cybersecurity matters.
• Incident Responses: Work closely with the Incident Response team to manage and coordinate legal aspects of any cybersecurity incidents or breaches. Provide mentorship on notification requirements, regulatory compliance, and potential legal actions. Collaborate with Information Security leaders and key stakeholders to improve continually SIE’s incident response processes and procedures.
• Risk Assessment and Mitigation: Assess legal risks associated with information security and cybersecurity practices and develop strategies to mitigate potential liabilities. Offer legal guidance on risk management and incident prevention.
• Contracts and Agreements: Review, draft, and negotiate contracts with clients, vendors, and partners related to information security and cybersecurity matters, ensuring the protection of our company's interests, and maintaining compliance with applicable laws and regulations.
• Support SIE’s Bug Bounty Program: Provide legal support to the operation of SIE’s program to review and remediate reported security vulnerabilities in SIE’s products and services.
• Data Privacy: Collaborate with the Privacy team to ensure alignment between information security and privacy practices. Provide legal counsel on data protection and privacy laws to ensure the appropriate handling and safeguarding of personal and sensitive data.
• Regulatory Compliance: Monitor and interpret information security and cybersecurity regulations, and other relevant laws. Develop and implement compliance programs to ensure adherence to these regulations.
• Training & Education: Conduct training sessions and workshops for employees on legal aspects of information security and cybersecurity. Promote a culture of security awareness throughout the organization.
• Litigation Support: Provide legal support in any information security or cybersecurity-related litigation, including drafting responses, working with external counsel, and representing the company's interests.

Qualifications:

• Juris Doctor (J.D.) degree from an accredited law school and admission to the bar in the relevant jurisdiction.
• Minimum of 12 years of overall experience practicing law and 6 years of experience as an attorney with a focus on information security, cybersecurity, and data privacy matters in a technology-related company or law firm.
• Proven understanding of information security and cybersecurity laws, regulations, and industry standards.
• Shown experience in negotiating sophisticated contracts and agreements related to information security and cybersecurity.
• Familiarity with data protection laws, including GDPR, CCPA, and HIPAA.
• Experience in incident response, risk management, and regulatory compliance in the cybersecurity domain.
• Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams.
• Confirmed ability to provide clear and practical legal advice to non-legal partners.
• Strong analytical and problem-solving skills, with a keen attention to detail.
• CISSP, CIPP, or other relevant certifications are a plus.

*PlayStation offers a global hybrid office/remote working model — Flex Modes — which aims to combine the flexibility of remote working with the magic of in-person collaboration. The model is built upon the principle of working together in-person as work requires, with the freedom to work remotely otherwise.

#LI-SF1
#LI-HYBRID