Privacy Attorney


Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at

We have an exciting opportunity for an experienced in-house privacy counsel to join Elastic’s growing Global Data Privacy legal team!   The data privacy counsel will make a meaningful contribution to Elastic's notable growth and success by providing legal support on a wide range of interesting and complex global data protection and privacy related issues.  This is a fully remote position that will be ideal for a flexible and agile mid-level privacy attorney who is based in the United States or the UK.  

What You Will Be Doing:

  • Advise internal business teams (HR, Marketing, Field Sales, IT/Security) on strategically important data protection laws and regulations in the EU and the US.
  • Support our commercial business including managing sophisticated, strategic data protection agreements, including negotiation of DPAs for vendors and customers, including the new EU model clauses in compliance with global data privacy laws;
  • Complete a variety of operational tasks such as ROPAs and TIAs with a focus on scalability, simplicity and cross-functional collaboration; 
  • Build and scaling vendor on-boarding processes to ensure compliance with data protection requirements;
  • Help develop and mature Elastic’s global privacy programs, including GDPR, CCPA, HIPAA, ISO, and FedRAMP;
  • Build strong internal and external relationships; 
  • Help ensure adherence to global data protection and security laws, while enabling the development and execution of business initiatives;
  • Enable and guide colleagues in privacy related matters sharing expertise, insight and standard methodologies.

What You Bring Along:

  • You have at least 5 years of experience where your primary role was practicing data privacy law, including a minimum of 3 years as in-house dedicated privacy counsel at a global company, experience working with software and SaaS solutions and well versed in GDPR and U.S privacy law, including the CCPA. 
  • You have 5+ years of experience drafting and negotiating complex data protection agreements involving both customers and vendors including the GDPR’s standard contractual clauses and CCPA terms.
  • You have experience completing privacy operational tasks such as managing ROPA processes, subject access requests, data mapping, and are able to apply project management skills to implement and lead cross-functional projects.
  • You are extremely flexible professionally and can quickly adapt to diverse tasks and changing priorities, with a passion for privacy, learning and growth.
  • You are a great teammate and have a demonstrated ability to work on various privacy matters, while quickly adjusting to new tasks with patience and professionalism.

Moreover, you have/are:

  • Excellent written and oral communication skills; strong listening skills; solid legal judgment and a strong understanding of legal risk management.
  • A self-starting, proactive, driven, adaptable person who can, with poise and patience, prioritize and balance multiple projects and recalibrate advice in view of shifting priorities, legal developments, and risk tolerance.
  • Experience with, and a solid working knowledge of, sophisticated data protection issues and operational implementation of data protection procedures and processes.
  • An understanding of IT/Security infrastructure, network architecture and SaaS computing, and data analytics, anonymization and access controls.
  • Strong initiative, perseverance, resourcefulness, humility, compassion and professionalism.  
  • A JD from a top law school with top credentials.
  • A license to practice law in one of the 50 United States or UK equivalent.
  • Relevant privacy qualifications (confirmed - not pending - CIPM certification is a plus); 
  • Prior experience representing high-growth companies (strongly preferred).


Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

  • Competitive pay based on the work you do here and not your previous salary
  • Health coverage for you and your family in many locations
  • Ability to craft your calendar with flexible locations and schedules for many roles
  • Generous number of vacation days each year
  • Double your charitable giving - We match up to $1500 (or local currency equivalent)
  • Up to 40 hours each year to use toward volunteer projects you love
  • Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please complete our Candidate Accessibility Request Form.

Applicants have rights under Federal Employment Laws, view posters linked below:
Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.


Covid Policy Learn about Elastic's Culture

Notify Me of Open Positions

Sign in with your social account to receive emails when Elastic posts open positions you might be interested in:

Powered By Ongig