Counsel, Privacy, Ai, And Data Protection

• Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
• Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
• Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
• Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
• drives remediation where gaps exist
• Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
• Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
• Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
• Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
• Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
• Partners cross-functionally but retain accountability for the legal sufficiency and defensibility of AI governance practices
• Accountable for identifying and assessing enterprise-level legal risks related to data protection, cybersecurity, and AI
• Owns legal guidance on cross-border data transfers and data governance structures, including approval of compliant transfer mechanisms
• Serves as the lead legal advisor during data incidents, accountable for legal risk assessment, privilege strategy, and notification obligations
• Oversees legal support for regulatory inquiries, audits, and investigations, ensuring consistency and defensibility of the company's position
• Drives alignment with Information Security and Compliance, while maintaining ownership of legal risk positions and interpretations
• Accountable for establishing legal standards and required clauses for data protection and AI in commercial agreements
• Provides final legal approval on complex or high-risk data-related contractual terms, including cross-border arrangements
• Oversees third-party privacy and AI risk assessment frameworks, ensuring vendors meet company standards
• Supports strategic initiatives and transactions, retaining accountability for privacy and AI risk positions
• Acts as the primary legal authority and advisor to senior leadership on privacy, cybersecurity, and AI matters
• Drives enterprise-wide understanding and adoption of privacy and AI requirements through training, frameworks, and practical tools
• Influences decision-making at the leadership level, particularly where legal risk and business strategy intersect
• Ensures alignment across Legal, Compliance, Risk, and business functions, while maintaining clear ownership of legal interpretations and positions

• Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
• Minimum of 8-12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
• Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
• Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
• Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
• Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
• Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
• Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
• Ability to travel (approximately 10-20%) to support global business initiatives and team engagement
• Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization

Relevant certifications (e.g., CIPP/US, CIPP/E, CIPM, AIGP) preferred

• Health insurance plans (medical, dental, vision)
• Health Savings Account (with an employer-base deposit and match)
• Flexible spending accounts
• Competitive 401(k) with generous employer base deposit and match
• Incentive opportunity
• Life insurance
• Short- and long-term disability insurance
• Paid vacation and holidays
• Employee Assistance Program
• Employee discounts
• PTO Buy/Sell Options
• Tuition reimbursement
• Adoption assistance