Red Hat Inc. Raleigh , NC 27611

Posted 2 months ago

About the job

The Red Hat Legal team is looking for an experienced, motivated, and highly qualified Corporate Attorney, focused on Product and Information Security to join us. In this role, you will assist in the implementation, management, and continuous improvement of Red Hat's product and information security programs. You'll work in close partnership with key business teams, particularly our Products and Technologies (PnT) and IT teams, to help them navigate and implement globally consistent security processes, standards, and programs. You will play a key role in supporting the development of policies, procedures, protocols, assessments, and regulatory reporting requirements related to Red Hat's product, information, cloud, and application security, including analyzing regulatory and industry guidance and providing recommendations to address potential security risks and regulatory requirements for Red Hat's existing and proposed offerings.

As a Corporate Attorney, you will have the opportunity to quickly become a strategic partner to the business and an integral member of the Legal team. You should have a passion for collaborating on cybersecurity, information security, and data protection issues, managing multiple complex matters at the same time, and providing practical, often nuanced, security guidance to an entrepreneurial and rapidly expanding organization across geographies, cultures, and functions. Your work location will be flexible, but Raleigh, NC, Boston, MA, and Washington, D.C. areas are preferred.

What you will do

  • Provide strategic security-related legal advice and guidance to Red Hat's Legal, Product Security, and IT teams, including product managers and engineers, cloud architects, corporate communication functions, and privacy program managers, on compliance with applicable product and information security regulations and standards, security-by-design concepts, secure development life cycle practices, software supply chain issues, security frameworks, telemetry processes, and industry certifications

  • Partner with the Red Hat's Product Security team on a variety of key areas essential to Red Hat's success, including advising on current and emerging regulatory and industry guidelines and frameworks related to software development and life cycle management, e.g., NIST Cybersecurity Framework and European Network and Information Security Agency (ENISA) initiatives, and services like FedRAMP, SOC 2, Cybersecurity Maturity Model Certification (CMMC), and ISO vulnerability disclosure standards, responses, and notifications, and enhancement of product security policies, standards, and procedures

  • Review security advisories and updates, related press releases, and certification and attestation communications

  • Advise on security-related regulatory responsibilities and assist with investigations of product and information security incidents and other activities, as requested

  • Work closely with Red Hat's Public Policy team to monitor and evaluate emerging legislative and policy initiatives in this area

  • Work closely with the Information Security and Data Protection teams, as requested

  • Assist with negotiating customer and vendor agreements, particularly those involving managed services, IT, and information security; serve as a security subject matter expert and respond to customer security questions and requests

  • Support members of the Legal team in areas of system and software design related to security

  • Create, maintain, and provide security-related awareness training, contract templates, playbooks, and governance documents; participate in periodic internal and external audits, reviews, and assessments of Red Hat's offerings and controls and implement appropriate risk mitigations and lessons learned

  • Promote the importance of a solid culture of security, provide regular updates to senior management, and lead or support security-related initiatives, as necessary

What you will bring

  • Juris Doctor (J.D.) degree plus admission to practice law in at least one jurisdiction

  • 3+ years of product or information security experience in a law firm, government entity, or in-house team; solid expertise in and working knowledge of global security standards and frameworks like NIST-related cyber guidance, ISO, FedRAMP, HIPAA, or PCI and experience supporting the development of cloud applications and related software offerings are a plus

  • Experience negotiating customer and vendor agreements related to information security requirements

  • Comfortable analyzing product and cybersecurity concepts and methodologies with the ability to effectively communicate technical concepts and implement pragmatic solutions in support of the creation, enhancement, and implementation of robust and globally consistent policies, procedures, controls, and systems for Red Hat's product and information security programs

  • Good analytical abilities to quickly understand complex cybersecurity concepts and regulatory requirements and support the development and appropriate communication of security bulletins, remedial measures, and controls

  • Demonstrated ability to establish and maintain appropriate working relationships with all levels of an organization and external contacts, and to work effectively in a professional team environment

  • Excellent writing and interpersonal skills, sound judgment, and ability to inspire and collaborate with others in a growing global business

  • Proactive approach to recognizing business and compliance needs, anticipating issues, and applying thorough and thoughtful analysis with exceptional sense of judgment in determining recommended steps and actions relative to product and information security matters


About Red Hat

Red Hat is the world's leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.


  • Comprehensive medical, dental, and vision coverage

  • Flexible Spending Account - healthcare and dependent care

  • Health Savings Account - high deductible medical plan

  • Retirement 401(k) with employer match

  • Paid time off and holidays

  • Paid parental leave plans for all new parents

  • Leave benefits including disability, paid family medical leave, and paid military leave

  • Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!

Note: These benefits are only applicable to full time, permanent associates at Red Hat located in the United States.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Legal Office Administrator

Epiq Systems, Inc.

Posted 4 days ago

VIEW JOBS 8/10/2022 12:00:00 AM 2022-11-08T00:00 <p>It's fun to work at a company where people truly believe in what they are doing!</p><p>Job Description:</p><p>Job Summary:</p><p>A Legal Office Administra is part of a team that provides various administrative support to our clients which may include; copy, print, mail, hospitality, facilities and receptionist services.</p><p>Essential Job Responsibilities</p><ul><li><p>Mail Services includes metering, sorting, and distributing mail and accountable packages per schedule</p></li><li><p>Copy Services includes accurately producing copy, print and scan projects per written instructions</p></li><li><p>Reception includes answering incoming telephone calls and routing to the appropriate person, will greet and announce visitors in a friendly and professional manner</p></li><li><p>Hospitality Services includes coordinator and upkeep of client conference rooms, common areas and kitchens. Inspect and ensure that all rooms are clean, stocked with supplies and ready for continual use. Organize and distribute client kitchen supplies. Maintain inventory control and order supplies as needed.</p></li><li><p>Floor Coordination includes the upkeep of copy rooms and stocking of general supplies, delivery of paper, and basic daily maintenance</p></li><li><p>Facilities Services may include hanging pictures, small office moves, cleaning services and communication with key client contacts regarding building/equipment concerns.</p></li></ul><p>Qualifications &amp; Requirements</p><ul><li><p>High School Diploma or GED</p></li><li><p>Minimum of 1 year work experience in a customer services field</p></li><li><p>Ability to multitask with attention to detail</p></li><li><p>Ability to resolve issues with professionalism and tact</p></li><li><p>Ability to lift or move 40 lbs. or greater</p></li><li><p>Ability to grasp, lift or carry packages on a standard wheeled cart with a load capacity of 75 lbs.</p></li><li><p>Ability to walk, bend, kneel, stand or sit for an extended period of time</p></li><li><p>Successful candidates must be fully vaccinated from COVID-19 as a condition of employment prior to the start date</p></li></ul><p>If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!</p><p>It is Epiq's policy to comply with all applicable equal employment opportunity laws by making all employment decisions without unlawful regard or consideration of any individual's race, religion, ethnicity, color, sex, sexual orientation, gender identity or expressions, transgender status, sexual and other reproductive health decisions, marital status, age, national origin, genetic information, ancestry, citizenship, physical or mental disability, veteran or family status or any other basis protected by applicable national, federal, state, provincial or local law. Epiq's policy prohibits unlawful discrimination based on any of these impermissible bases, as well as any bases or grounds protected by applicable law in each jurisdiction. In addition Epiq will take affirmative action for minorities, women, covered veterans and individuals with disabilities. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. Epiq is pleased to provide such assistance and no applicant will be penalized as a result of such a request. Pursuant to relevant law, where applicable, Epiq will consider for employment qualified applicants with arrest and conviction records.</p><br> Epiq Systems, Inc. Raleigh NC


Red Hat Inc.