Analyze existing legal security commitments and compare them against actual product security practices to identify gaps and risks.
Conduct interviews with legal, security, and product stakeholders to document current security posture and contractual commitments across products.
Develop and maintain a comprehensive matrix mapping product security controls to contract terms, legal exhibits, and public-facing statements.
Draft and propose updates to security-related contract language, including security exhibits, standard customer terms, and negotiation fallback positions.
Partner cross-functionally with legal, product, and security teams to align public website security content with verified security practices.
Translate technical security controls and practices into clear, defensible legal language suitable for customer contracts and public documentation.
Create and manage a project plan with real-time progress tracking, weekly status reports for stakeholders, monthly leadership briefings, and an end-of-project executive summary with findings and recommendations.
Requirements
Mid-career experience in legal, audit, or compliance roles within technology or cybersecurity environments.
Proven legal and audit expertise with the ability to interpret and assess complex contractual and compliance documentation.
Foundational knowledge of information security principles and best practices.
Experience drafting and negotiating technology product security terms.
Strong project management and stakeholder communication skills.
Ability to analyze complex legal documents and translate security controls into defensible contract language.