23andMe is seeking an exceptional and highly collaborative Director, Sr. Privacy and Product Counsel to join our team!

Who We Are

Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome. We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.

About This Role

With a thorough understanding of 23andMe’s business and strategic priorities, you will collaborate with the General Counsel and Privacy Officer on strategy for the Privacy and Product counseling team, and manage the team’s execution which includes supporting and identifying the implications of new, cutting-edge product, marketing, research and other initiatives on privacy and data use, technology architecture and standards, and data governance, to ensure 23andMe maintains its focus on transparency and leadership in privacy and data protection. You will apply your technology, e-commerce and/or healthcare knowledge and experience to provide guidance on the product development lifecycle, working with cross-functional stakeholders in a fast-paced environment. You will support the continued growth of 23andMe’s comprehensive privacy and data protection program and provide thought leadership on privacy strategies, and work closely with internal and external parties on product, compliance, policy and government affairs matters.

This role will be based in our Sunnyvale, CA headquarters and report to the VP, General Counsel and Privacy Officer.

What You’ll Do

• Support the Privacy and Product counseling team in their partnerships with Product, Marketing, Research, Security, IT and other business teams to develop, implement, oversee and monitor 23andMe’s privacy and data protection policies and procedures. 
• Lead product counseling and cross-functional projects, including as related to data protection compliance, data governance, and privacy by design for new product launches and existing or additional initiatives.
• Responsible for assessment of how current and proposed laws impact business processes, reporting, record keeping, or other activities. Identify needs for introduction of new business processes and for consultations or training.
• Collaborate with contracts and procurement teams on vendor management program, including responsibility for creating policies, processes and templates and reviewing and negotiating contracts to support transactions involving customer, patient and/or research participant data.
• Develop strategies, tools, resources and frameworks enabling data use and healthcare delivery innovation while ensuring adherence to privacy best practices.
• Responsible for privacy and data protection risk assessments/audits and proactively monitoring and identifying opportunities, issues and risks. Develop appropriate mitigation plans in support of company risk management and internal audit deliverables.
• Member of the data protection governance committee, and responsible for incident response and resolution.
• Represent 23andMe’s privacy and data protection interests with external parties.
• Develop and monitor performance metrics and plans for continuous improvement.
• Manage, motivate and develop the Privacy and Product Counsel team, fostering a collaborative and inclusive work environment.

What You’ll Bring

• JD with excellent academic credentials and a member of the State Bar of California.
• 10+ years of privacy experience in a law firm, in-house or other legal role with a track record of providing practical business-friendly advice. CIPP/US/E certification preferred.
• 5+ years product counseling experience for innovative technology companies.
• People management experience  -- proven experience managing, motivating, and developing a high-performing legal team
• Expert knowledge of data protection and information security laws, rules and regulations in the US and globally, including CPRA, GIPA, and other state consumer and health privacy laws, GDPR, GINA, HIPAA, COPPA, and relevant rules and regulatory guidance related to mobile applications, as well as industry leading privacy and data protection practices and standards.
• Significant experience in successfully implementing and delivering on privacy-focused projects with efficiency, including data map, data privacy impact assessments and third party risk assessments, as well as in negotiating complex agreements involving personal data. 
• Knowledge of online and offline advertising and marketing rules and regulations, including state consumer protection statutes, CAN-SPAM, TCPA and FTC guidelines pertaining to areas relevant to 23andMe’s business, such as consumer advertising.
• Experience with data security, data breach, and data loss prevention tools and statutes.
• Experience and skill in responding to press inquiries and speaking on privacy matters.
• Experience with project management methodologies and tools is a strong plus.
• Demonstrated analytical skills as well as the ability to take disparate information and make strategic recommendations quickly.
• Demonstrated leadership with evidence of increasing management responsibility.
• Ability to develop and deliver presentations to senior management and influence others.
• Exceptional attention to detail and ability to get things done.
• Ego-free, team-first mentality.
• Exceptional verbal and written communicator.
• Excellent interpersonal skills, including relationship-building and collaboration.
• Ability to work from 23andMe’s office in Sunnyvale, CA three days per week.

About Us

23andMe, headquartered in Sunnyvale, CA, is a leading consumer genetics and research company. Founded in 2006, the company’s mission is to help people access, understand, and benefit from the human genome. 23andMe has pioneered direct access to genetic information as the only company with multiple FDA authorizations for genetic health risk reports. The company has created the world’s largest crowdsourced platform for genetic research, with 80 percent of its customers electing to participate. The platform also powers the 23andMe Therapeutics group, currently pursuing drug discovery programs rooted in human genetics across a spectrum of disease areas, including oncology, respiratory, and cardiovascular diseases, in addition to other therapeutic areas. More information is available at www.23andMe.com.

At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws.  If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at [email protected]. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.