Senior Director, Head of Cybersecurity & Privacy Legal

We are looking for a Senior Director, Head of Cybersecurity & Privacy Legal to lead our global data security and privacy legal function. Reporting directly to the Deputy General Counsel for Commercial Legal, you will be the primary legal architect for how we protect data across the entire Zscaler platform.  This role is ideally Hybrid out of our San Jose, CA Headquarters, but can be fully remote for the right candidate.

This is a high-impact senior leadership role where you will develop and execute a global legal strategy for cybersecurity, data security and privacy that aligns with Zscaler’s rapid growth and product innovation. You will be a trusted advisor to senior leaders across the organization, including the executive team and board of directors. 

What you’ll do (Role Expectations)

As a key partner to our Security, Compliance, IT, and other internal teams, you will 

• Provide expert guidance on a wide range of data security, cybersecurity, privacy, and compliance matters, ensuring that legal requirements are integrated seamlessly into our technical operations
• Lead the legal side of incident management and response, providing strategic advice and legal guidance on all types of incidents to ensure the company navigates complex security events with precision and speed
• Provide strategic guidance and recommendations for implementing Privacy/Security by Design across our expanding platform
• Manage and mentor the existing privacy team consisting of four experienced privacy lawyers

What We’re Looking for (Minimum Qualifications)

• J.D. from an accredited law school and an active license to practice law in the United States
• 15+ years of experience practicing law with a deep focus on data security, cybersecurity, and privacy within the SaaS, Software, Tech, and/or Cybersecurity sectors
• Significant experience managing cyber incident response, in close partnership with Security professionals
• Significant experience negotiating the security and privacy components of complex inbound and outbound commercial contracts
• Experience advising executive leadership and boards of directors on cybersecurity and privacy matters
• Experience providing guidance and implementing Privacy/ Security by Design across a technology company
• Experience managing a global team of lawyers and guiding cross-functional initiatives in a SaaS, Software, Tech, and/or Cybersecurity company
• A deep understanding of cloud architecture and how data flows through a modern SaaS ecosystem
• A deep understanding of global privacy and AI laws, regulations, and certifications including GDPR, CCPA/CPRA, EU AI Act, and other international cybersecurity, data protection, privacy and AI frameworks
• A pragmatic approach to law that prioritizes business enablement; you are someone who finds creative paths to growth while rigorously managing risk

What Will Make You Stand Out (Preferred Qualifications)

• Experience working with EU Works Councils and other global regulatory agencies/bodies
• Experience with AI governance and machine learning data ethics
• Experience with risk mitigation frameworks and corporate governance models for the enterprise-wide deployment of generative AI, large language models (LLMs), and automated decision-making systems
• Relevant certifications such as CISM, CISSP, and/or CIPP

#LI-Remote #LI-NH1