Privacy Analyst – Independent Contractor

Privacy Analyst – Independent Contractor

at Aleada Consulting

Are you:

  • An experienced (1-3 years) compliance, risk management, legal, technology practitioner or a recent graduate with an interest in privacy and data protection
  • An excellent writer and communicator
  • A driven individual who pride themselves on service excellence, resourcefulness, and great project management skills
  • Passionate about privacy and data protection and want to learn more
  • Looking for flexibility and a career boost in the privacy and data protection field

The Role:

We are looking for a Privacy Analyst to join our growing team. We prefer Bay Area-based candidates, but this is not a requirement. Our successful candidate will:

  • Research answers to various global privacy issues (primarily regarding the General Data Protection Regulation and APAC)
  •  Build regulatory frameworks
  • Conduct gap assessments, PIA/DPIAs, and develop data inventories
  • Assist with client project management

We are also looking for individuals who values people, relationships, and a cooperative work culture. This is a part-time position, with full-time potential. Work will be completed remotely, with occasional in-person team and client meetings.

About Aleada Consulting:

We are a female and minority owned, boutique, privacy and data protection consulting firm.  Located in the Bay Area, we serve clients (from start-ups to Fortune 5 companies) around the globe.

As a young start-up, we pride ourselves on doing things differently. We understand law and technology, breaking down complex concepts into actionable business terms. We are efficient, skilled, and fun. We have outstanding clients and fascinating projects. Our services are diverse and constantly evolving. Every day, we help our clients to simplify and operationalize privacy and data protection so they can focus on their business. Join our team!

Security Operations Engineer - Logging/Splunk

Security Operations Engineer - Logging/Splunk

at GitHub (View all jobs)

United States

GitHub is looking for engineers to join our Security Operations team. You will focus on building and managing the systems and tools that enable our engineers to securely operate and scale the world's largest code hosting platform. Your primary focus will be on our security event log pipeline comprised of syslog, Splunk, Kafka, and AWS services. Beyond that, some of the other infrastructure the team manages include our Identity & Access Management systems, credential management services, vulnerability scanning tools, and network security devices.

The GitHub Security team is highly distributed and you must thrive in an environment of remote work and asynchronous communication. You're expected to have strong written communication skills and be able to develop working relationships with coworkers in locations around the globe. As a Security Operations Engineer at GitHub you'll always be challenged to solve interesting and novel problems that have real impact on how the world builds software.

Responsibilities:

  • Managing a reliable high-volume, high-availability Splunk deployment in support of various security and engineering use cases.
  • Partnering with security, infrastructure, application engineering, and data analytics teams to ensure logging standard and pipeline, log analysis and enrichment infrastructure are well-positioned to meet required use cases.
  • Develop and maintain security infrastructure through reusable code and tooling.
  • Use metrics and monitoring systems to ensure performance, scalability, and stability.
  • Find ways to use existing systems to improve the security of our platform.
  • Interact with other teams outside of the Security department to ensure the confidentiality, integrity, and availability of our infrastructure and data.

Minimum Qualifications:

  • Significant experience building and managing large, clustered Splunk installations.
  • Strong foundation in information security.
  • You have a track record of building infrastructure automation.
  • Proficiency in designing and maintaining AWS infrastructure to support logging and security use cases.
  • Experience with high-volume, high-availability logging pipelines.
  • Experience with Kafka and AWS S3/Kinesis for log transport and storage.
  • Experience with APIs, webhooks, and other technologies used to integrate security technology, enrich log data, and automate security workflows.
  • Proficiency in high-level languages such as Ruby, Python, and Bash.
  • A deep understanding of the Linux operating system, at both a high- and low-level.
  • Familiarity with configuration management software such as Puppet, Chef, Ansible, or Salt.
  • A tenacious ability to diagnose and fix performance and reliability problems.
  • You use a pragmatic approach to decision making and design choices. 

Preferred Experience:

  • You've built highly available systems at scale.
  • Splunk Architect or Splunk Administrator certification.
  • Capacity planning for large, multi-tier web systems.
  • Contributions to open source.
  • Experience with Elasticsearch.
  • Experience with SQL and Presto/Athena.
  • Experience with Kubernetes and Docker.
  • Experience with Linux kernel internals (TCP/IP stack, developing modules).

Who We Are:

GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over 24 million people use GitHub to build amazing things together across 67 million repositories. With the collaborative features of GitHub.com and GitHub Business, it has never been easier for individuals and teams to write faster, better code.

What We Value:

Collaboration: We believe the best work is done together. 
Empathy: We believe in putting people first. 
Quality: We believe in setting the standard for excellence. 
Positive Impact: We believe in making the world a better place through our work. 
Shipping: We believe in creating things for the people using them.

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where over half of our Hubbers work, snack, and create daily. The other half of our Hubbers work remotely in 18 countries across the globe. Here is a complete list of where we can hire!

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Security Operations Engineer

Security Operations Engineer

at GitHub

United States

GitHub is looking for engineers to join our Security Operations Engineering organization. You will focus on the secure integration and instrumentation of systems and tools that enable our engineers to securely operate and scale the world's largest code hosting platform. Some of the security infrastructure and services you will help design, ship and maintain include secure provisioning and configuration management, Identity and Access Management, Gateway Access Services, Vulnerability Management and Incident Response.

The Security Operations Engineering team is highly distributed and you must thrive in an environment of remote work and asynchronous communication. You're expected to have strong written communication skills and be able to develop working relationships with coworkers in locations around the globe.

As a Security Operations Engineer at GitHub you'll always be challenged to solve interesting and novel problems that have real impact on how the world builds software. If you are passionate about Security and working with bright and highly productive teams this role could be a great match.

Responsibilities:

  • Develop, integrate and maintain secure infrastructure through reusable Ruby on Rails code and tooling.
  • Extensive experience integrating and automating services and operational tasks that consume and utilize APIs
  • Use metrics and security monitoring systems to ensure security is effective and maintained in a fashion that supports our performance, scalability and stability.
  • Find ways to use existing systems to improve security for our platform.
  • Partnering with security, infrastructure, application engineering, and data analytics teams to ensure infrastructure is well-positioned to meet required use cases.
  • Cultivate the open source projects developed by GitHub and build things you are proud to share.
  • Interact with other teams outside of the security organization to ensure the uptime and reliability of our infrastructure.

Minimum Qualifications:

  • You have a track record of building security and infrastructure systems and automation.
  • Ability to securely and proficiently work with high-level languages such as Ruby, Python, and Bash.
  • A deep understanding of the Linux operating system, at both a high- and low-level.
  • Familiarity with configuration/orchestration management software such as Puppet, Chef, Ansible, or Salt.
  • A tenacious ability to diagnose and fix security, performance and reliability problems.
  • You use a pragmatic approach to decision making and design choices.

Preferred Experience:

  • You've built highly available secure systems at scale.
  • Capacity planning for large, multi-tier web systems.
  • Interest in or experience with systems languages (C/C++, Go, Rust)
  • Contributions to open source.
  • Experience with Kubernetes and Docker.
  • Experience with Linux kernel internals (TCP/IP stack, developing modules).
  • Experience with ChatOps

Who We Are:

GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over 24 million people use GitHub to build amazing things together across 67 million repositories. With the collaborative features of GitHub.com and GitHub Business, it has never been easier for individuals and teams to write faster, better code.

What We Value:

Collaboration: We believe the best work is done together. 
Empathy: We believe in putting people first. 
Quality: We believe in setting the standard for excellence. 
Positive Impact: We believe in making the world a better place through our work. 
Shipping: We believe in creating things for the people using them.

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where over half of our Hubbers work, snack, and create daily. The other half of our Hubbers work remotely in 18 countries across the globe. Here is a complete list of where we can hire!

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Engineering Manager - Security Incident Response Team (SIRT)

Engineering Manager - Security Incident Response Team (SIRT)

at GitHub

United States

GitHub Security is hiring an Incident Response (IR) Manager to lead and evolve the Security Incident Response Team (SIRT). You will foster an environment of excellence and mentorship to lead the detection and response to attacks on our infrastructure and users. The team and capability you manage and guide will focus on the investigative and response practices that help GitHub securely protect the world's largest code hosting platform. The leadership you bring will influence the IR capability of systems and infrastructure across GitHub’s Production and Corporate environments, identity & access management systems, and core security services for vulnerability management and security monitoring.

GitHub’s Security team is highly distributed and to be successful you must thrive in an environment of distributed work and asynchronous communication. Strong written communication skills are essential, as is the ability to develop strong working relationships with coworkers in locations around the globe. This role is not about dictating a team member's work directly, but rather guiding and serving to ensure the productivity and success the members and team. A primary goal of this job is to enable each team member to do the best work of their lives securing GitHub.

If you have a foundation in IR, information security and infrastructure, enjoy supporting humans across all experience levels from fresh-out-of-college associates to seasoned senior engineers, and want to help build a world class security team, then this might be the gig for you.

Responsibilities:

  • Design, implement and manage enterprise wide (end-to-end) Incident handling and coordination lifecycles, methodologies, and processes with the SIRT team and partners.
  • Influence implementation of IR capability across applications, core infrastructure to user endpoint.
  • Developing and driving adoption of security standards and requirements.
  • Manage the people and team to plan, balance, prioritize and execute on their day-to-day responsibilities, projects, and career development objectives.
  • Manage complex projects spanning teams in and outside of the Security department.
  • Participating in on-call rotation, incident handling and incident coordination.

Minimum Qualifications:

  • Experience with the entire IR lifecycle and collaborating with cross functional internal & external teams to improve organizational IR capability and capacity.
  • Several years experience effectively managing small to medium sized security teams.
  • Experience effectively managing and working with distributed and remote teams.
  • The ability to take a pragmatic approach to decision making while applying practical security design principles and practices.
  • Exceptional communication skills with a strong sense of empathy.
  • Proven technical project management experience guiding strategic and tactical technical decision making and execution.
  • Experience supporting governance and regulatory requirements.
  • Experience and interest in developing and maintaining processes and programmatic practices.
  • Demonstrative experience with core DFIR including system forensics, memory forensics, network analysis, malware analysis, cyber threat intelligence, or log analysis.
  • Practical experience with common security infrastructure such as log/SIEM analysis systems, firewalls, identity and access management, vulnerability management, etc.
  • Practical understanding of system/networking technologies and web based platforms (e.g. Linux, TCP/IP, Ruby on Rails, etc.)
  • Tenacious tinkering, spelunking and curiosity capacity.

Preferred Experience:

  • Proficiency in high-level languages such as Ruby, Python and Bash.
  • Familiarity with configuration management capabilities and software such as Puppet, Chef, Ansible, or Salt.
  • Experience with containerization or virtualization.
  • Can develop and maintain systems through reusable code and tooling.
  • Are an active contributor to open source security projects and/or security community initiatives.
  • Experience with systems languages (C/C++, Go, Rust).
  • Experience with Linux systems internals.

Who We Are:

GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over 24 million people use GitHub to build amazing things together across 67 million repositories. With the collaborative features of GitHub.com and GitHub Business, it has never been easier for individuals and teams to write faster, better code.

What We Value:

Collaboration: We believe the best work is done together.

Empathy: We believe in putting people first.

Quality: We believe in setting the standard for excellence.

Positive Impact: We believe in making the world a better place through our work.

Shipping: We believe in creating things for the people using them.

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where over half of our Hubbers work, snack, and create daily. The other half of our Hubbers work remotely in 18 countries across the globe. Here is a complete list of where we can hire!

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Autodesk

Privacy Counsel

    San Francisco, CA

     

    Position Overview

    Looking for the opportunity to use your legal skills in a career that combines innovative technology and creativity, ultimately helping both creative and engineering types build a better world? If so, meet Autodesk. Learn more about why Autodesk is continually ranked a top place to work by Fortune, Forbes, Glassdoor, and others: Top 7 Reasons You Should Work at Autodesk.

    Data Privacy and Governance has become an increasingly important topic for global companies. Autodesk is committed to protecting the data and privacy of our global customers and employees.

    The Privacy Counsel will work closely with the San Francisco based Privacy Legal team, the Autodesk Data Protection Officer, Autodesk security and other governance teams to implement initiatives necessary for compliance with global privacy laws and regulations. The Corporate Counsel will develop strategies and initiatives to engage with key stakeholders and raise awareness of data privacy compliance and governance across the company.

    This position will be based in Autodesk’s San Francisco Office, and report to the Director, Senior Global Privacy and Data Security Counsel

    Responsibilities

    • Counsel business partners on domestic and international data privacy laws, regulations, and industry best practices, particularly related to software and cloud services
    • Act as subject matter expert and resource on issues related to privacy and data protection, in particular U.S., E.U., and Canadian privacy laws
    • Partner with members of the legal team, security team, data governance, and outside counsel to help ensure Autodesk’s compliance with laws, regulations, and customer contracts
    • Assist in developing and maintaining Autodesk’s privacy program, and related policies, procedures, documentation, and communication materials
    • Assist in developing training materials, and providing training to employees on privacy-related obligations
    • Provide guidance to legal and product management teams on issues pertaining to new and existing products/features throughout the entire development lifecycle
    • Draft and negotiate data protection terms in contracts and disclosures, including Privacy Policies and Terms of Service
    • Review issues related to analytics and big data collection, use and governance
    • Conduct due diligence and review privacy and data protection issues related to acquisition and integration activity
    • Review issues related to children and student privacy
    • Review data protection impact assessments and other internal privacy assessments
    • Respond to communications from Autodesk’s customers and employees regarding their individual rights, and Autodesk’s processing of their personal data
    • Collaborate with data governance and business teams to create records of processing

    Minimum Qualifications

    • 8+ years of relevant work experience in the area of data privacy and data governance
    • Expertise in global data protection law, including knowledge of the GDPR and national data protection laws
    • Experience with technology, cloud services, marketing and analytics laws and regulations
    • Experience working with product teams on PIAs and Privacy by Design
    • Excellent negotiation skills, with the ability and confidence to represent Autodesk in the area of data privacy
    • Ability to work and lead under pressure unruffled, exhibiting timely and quality decision making
    • Exceptional written, oral and interpersonal communication skills, capable of quickly gaining the respect of and interacting comfortably with and successfully collaborating with and influencing senior leaders
    • Strong work ethic, a self-starter, action-oriented and ensures accountability
    • Law degree and CIPP certification
    • Law firm experience
    • Language skills a plus