CrawlJobs Logo
Valvoline Logo Valvoline · Legal

Counsel, Privacy, AI, and Data Protection

United States, Lexington Employment contract 150000.00 - 175000.00 USD / Year · Job Posted May 28, 2026
Apply Position
Job Link Share

Job Description

Why Valvoline Global Operations? At Valvoline Global Operations, we're proud to be The Original Motor Oil, but we've never rested on being first. Founded in 1866, we introduced the world's first branded motor oil, staking our claim as a pioneer in the automotive and industrial solutions industry. Today, as an affiliate of Aramco, one of the world's largest integrated energy and chemicals companies, we are driven by innovation and committed to creating sustainable solutions for a better future. With a global presence, we develop future-ready products and provide best-in-class services for our partners around the world. For us, originality isn't just about where we began; it's about where we're headed and how we'll lead the way. We are originality in motion. Our corporate values—Care, Integrity, Passion, Unity, and Excellence—are at the heart of everything we do. These values define how we operate, how we treat one another, and how we engage with our partners, customers, and the communities we serve. At Valvoline Global, we are united in our commitment to: Treating everyone with care; Acting with unwavering integrity; Striving for excellence in all endeavors; Delivering on our commitments with passion; Collaborating as one unified team. When you join Valvoline Global, you'll become part of a culture that celebrates creativity, innovation, and excellence. Together, we're shaping the future of automotive and industrial solutions. Valvoline Global Operations Headquarters is located in Lexington, KY. We prefer local candidates willing to work an in-office work schedule (3 days per week). *We're also open to candidates working in a remote capacity. The Counsel for Privacy, AI, and Data Protection serves as the enterprise subject matter authority and accountable legal owner for Valvoline Global Operations' global privacy, data protection, and AI governance programs. This role is responsible for establishing and maintaining scalable, compliant, and business-enabling frameworks that govern the organization's use of data and artificial intelligence across all regions. Operating with significant independence, this role translates complex and evolving regulatory requirements into actionable enterprise policies, standards, and risk-based guidance. The position has direct accountability for the effectiveness, maturity, and continuous improvement of privacy and AI governance programs, influencing senior leadership decisions and enabling responsible innovation while protecting the organization from regulatory, legal, and reputational risk.

Job Responsibility

  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
  • Partners cross-functionally but retain accountability for the legal sufficiency and defensibility of AI governance practices
  • Accountable for identifying and assessing enterprise-level legal risks related to data protection, cybersecurity, and AI
  • Owns legal guidance on cross-border data transfers and data governance structures, including approval of compliant transfer mechanisms
  • Serves as the lead legal advisor during data incidents, accountable for legal risk assessment, privilege strategy, and notification obligations
  • Oversees legal support for regulatory inquiries, audits, and investigations, ensuring consistency and defensibility of the company's position
  • Drives alignment with Information Security and Compliance, while maintaining ownership of legal risk positions and interpretations
  • Accountable for establishing legal standards and required clauses for data protection and AI in commercial agreements
  • Provides final legal approval on complex or high-risk data-related contractual terms, including cross-border arrangements
  • Oversees third-party privacy and AI risk assessment frameworks, ensuring vendors meet company standards
  • Supports strategic initiatives and transactions, retaining accountability for privacy and AI risk positions
  • Acts as the primary legal authority and advisor to senior leadership on privacy, cybersecurity, and AI matters
  • Drives enterprise-wide understanding and adoption of privacy and AI requirements through training, frameworks, and practical tools
  • Influences decision-making at the leadership level, particularly where legal risk and business strategy intersect
  • Ensures alignment across Legal, Compliance, Risk, and business functions, while maintaining clear ownership of legal interpretations and positions

Requirements

  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8–12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10–20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization

Nice to have

Relevant certifications (e.g., CIPP/US, CIPP/E, CIPM, AIGP) preferred

What we offer

  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • PTO Buy/Sell Options
  • Tuition reimbursement
  • Adoption assistance
  • bonus eligible
Valvoline - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Counsel, Privacy, AI, and Data Protection

8 matching positions

Data Protection & AI Counsel

Our Privacy, AI & Data Protection Counsel position is a fantastic opportunity fo...
Location
Location
United Kingdom
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience with a focus on privacy, data protection, and AI domains
  • Expertise in global privacy concepts and laws (specifically US, EU, UK privacy and data protection laws are a must)
  • General understanding and experience handling other global laws or ability to learn, understand and practically implement new laws quickly
  • Expertise in AI governance frameworks (e.g., EU AI Act, ISO, NIST AI RMF)
  • Expertise in security best practices
  • Ability to assess a wide variety of complex situations and questions quickly and provide practical, business oriented advice
  • Ability to multi-task and work in a fast paced environment with a “go-getter” and hands on approach
  • Proven ability to learn quickly about new technologies and what data protection risks and challenges these create for the business and understand how to practically mitigate and manage such risks
  • Proven ability to assess, mitigate, and manage risks related to AI deployment, data privacy, and regulatory compliance
  • A team-player, collaborative mindset, with experience collaborating with legal, compliance, and technical teams to implement Privacy-Enhancing Technologies (PETs) and ensure responsible AI deployment across the organization
Job Responsibility
Job Responsibility
  • Be part of Wiz’s global Data Protection team to advance Wiz’s global privacy, data protection, and AI compliance program, with a specific focus on third party risk management and mitigation, enterprise initiatives involving AI and data protection considerations and AI Governance
  • Work closely with the wider Wiz legal, compliance and security teams
  • Support the procurement legal team as the Subject Matter Expert for privacy, AI and data protection matters arising in Wiz’s vendor relationships and third-party contracts
  • Advising and assisting Wiz’s commercial procurement attorneys on negotiating DPAs, security addenda and AI provisions
  • Providing practical, business oriented solutions while protecting Wiz’s data and interests
  • Developing and maintaining internal resources and providing training and guidance to help the teams with their BAU work
  • Provide guidance to internal business stakeholders on managing privacy, data protection, and AI-related risks in vendor engagements and a wide variety of internal initiatives involving privacy, AI and data protection considerations, ensuring alignment with Wiz’s compliance framework and principles and applicable laws
  • Identify, assess, mitigate and track privacy, data protection and AI-related risks at the enterprise level to ensure compliance with regulatory and industry standards, and help drive programs that strengthen privacy and AI risk management across the company
  • Contribute to the building and maturity of Wiz’s AI Governance Program and track the evolving landscape of AI regulations and standards (e.g., EU AI Act, US states GenAI Laws) and provide practical guidance to different internal teams
Read More
Arrow Right

Data Protection & AI Counsel

Our Privacy, AI & Data Protection Counsel position is a fantastic opportunity fo...
Location
Location
Germany
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience with a focus on privacy, data protection, and AI domains
  • Expertise in global privacy concepts and laws (specifically US, EU, UK privacy and data protection laws are a must, with a general understanding and experience handling other global laws or ability to learn, understand and practically implement new laws quickly)
  • Expertise in AI governance frameworks (e.g., EU AI Act, ISO, NIST AI RMF), and security best practices
  • Ability to assess a wide variety of complex situations and questions quickly and provide practical, business oriented advice
  • Ability to multi-task and work in a fast paced environment with a “go-getter” and hands on approach
  • Proven ability to learn quickly about new technologies and what data protection risks and challenges these create for the business and understand how to practically mitigate and manage such risks
  • Proven ability to assess, mitigate, and manage risks related to AI deployment, data privacy, and regulatory compliance
  • A team-player, collaborative mindset, with experience collaborating with legal, compliance, and technical teams to implement Privacy-Enhancing Technologies (PETs) and ensure responsible AI deployment across the organization
  • Ability to navigate evolving regulatory landscapes, emerging AI risks, and business needs
  • Ability to provide practical strategic insights and contributions to the long term growth and maturity of Wiz’s programs
Job Responsibility
Job Responsibility
  • Be part of Wiz’s global Data Protection team to advance Wiz’s global privacy, data protection, and AI compliance program, with a specific focus on third party risk management and mitigation, enterprise initiatives involving AI and data protection considerations and AI Governance
  • Work closely with the wider Wiz legal, compliance and security teams
  • Support the procurement legal team as the Subject Matter Expert for privacy, AI and data protection matters arising in Wiz’s vendor relationships and third-party contracts
  • Provide guidance to internal business stakeholders on managing privacy, data protection, and AI-related risks in vendor engagements and a wide variety of internal initiatives involving privacy, AI and data protection considerations, ensuring alignment with Wiz’s compliance framework and principles and applicable laws
  • Identify, assess, mitigate and track privacy, data protection and AI-related risks at the enterprise level to ensure compliance with regulatory and industry standards, and help drive programs that strengthen privacy and AI risk management across the company
  • Contribute to the building and maturity of Wiz’s AI Governance Program and track the evolving landscape of AI regulations and standards (e.g., EU AI Act, US states GenAI Laws) and provide practical guidance to different internal teams
Read More
Arrow Right

Product & Data Protection Counsel

Come join the company that is reinventing cloud security and empowering business...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 years of experience in an in-house product counsel role
  • Technical understanding of the development and functionality of SaaS products
  • Familiarity with privacy, data protection, and IP laws, as well as practical issues including AI, open source, and export control
  • Experience negotiating and drafting commercial agreements, including SaaS and integration agreements, with a focus on privacy and security terms
  • Excellent ability to communicate legal requirements to a non-legal audience and identify practical solutions
  • Proven ability to collaborate effectively with other teams, including Security, GRC, Product, and R&D
  • Strong operational and organizational skills with experience building and managing processes
  • Strong research and analytical skills
  • Fluency in English is a must
Job Responsibility
Job Responsibility
  • Work as part of the Wiz Product & Data Protection Team, with members based in Israel and the US
  • Act as a key partner and advisor to Wiz’s Product and R&D teams, advising on legal, commercial, regulatory, and data protection aspects throughout the product lifecycle
  • Assess, mitigate, and manage risks related to the product lifecycle and serve as a subject matter expert on product issues
  • Handle reviews of new product features and processing activities from a privacy, data protection, and compliance perspective
  • Review and negotiate product-related vendor and integration agreements
Read More
Arrow Right

Global Data Privacy Counsel

We are looking for a senior attorney with extensive experience in global data pr...
Location
Location
United States , Atlanta
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor degree from a reputable, accredited U.S. law school
  • Active license in good standing with one or more U.S. state bars (Georgia preferred)
  • 10+ years of progressive experience in data privacy and cybersecurity legal matters, with significant in-house experience at a high-growth, technology-driven company
  • Deep expertise and knowledge of and hands-on experience with U.S. and international data privacy, cybersecurity, and compliance laws and frameworks (including GDPR, CCPA/CPRA, PCI-DSS, ISO certifications, and other relevant global standards) and leading-edge AI regulations and frameworks
  • Demonstrated success in providing strategic legal counsel that balances risk management with enabling innovation and business growth, particularly in payments and data-driven initiatives
  • Proven experience leading global privacy and data protection programs, including managing privacy and data protection risk frameworks and governance
  • Experience managing external counsel, auditors, and regulators
  • Proven ability to lead, develop, and inspire diverse, global teams, including direct leadership experience with Data Protection Officers and other privacy professionals
  • Strong business acumen with the ability to translate complex legal concepts into clear, actionable advice that aligns with business objectives and supports deal-making and sales acceleration
  • Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels, including senior executives and cross-functional teams globally
Job Responsibility
Job Responsibility
  • Serve as a trusted strategic legal advisor to executive leadership, business unit and function heads, and the governance committees on global privacy, data protection, and cybersecurity risks, as well as opportunities aligned with rapid business growth and innovation
  • Design, lead, and continuously evolve the global privacy and data protection program, ensuring it not only meets regulatory requirements but also supports scalable growth and competitive advantage in a fast-paced, high-growth environment
  • Partner closely with product, technology, payments, data, software and hardware sales, marketing, and strategy teams to embed privacy-by-design and data governance principles into all data-driven and payment-related initiatives
  • Advise on privacy, data protection, cross-border data processing, and emerging technologies (AI and machine learning), in connection with parking, public transport and other urban mobility technologies and data services (B2B, B2C), to help the company navigate these complex regulatory environments while accelerating innovation
  • Balance risk management with enabling agility—help business units achieve their ambitious growth objectives without compromising compliance or customer trust
  • Lead and manage a global, unified privacy and data protection team, including the EU Data Protection Officer and EU Privacy Program Manager, and serve as the global privacy and data protection leader responsible for harmonizing privacy and data protection practices across all regions
  • Act as the company’s U.S. and Canada Privacy Officer, overseeing all U.S.-specific and Canada-specific aspects of the global privacy and data protection program
  • Own enterprise-wide development, implementation, and continuous improvement of privacy and data protection policies, standards, and frameworks aligned with relevant global privacy and data protection-related regulations
  • Develop and maintain a privacy and data protection risk management framework and a dashboard of key privacy metrics to inform leadership decision making and monitor program effectiveness in a high-growth environment
  • Lead privacy and data protection audits and program assessments to ensure compliance and identify areas for improvement aligned with rapid company growth
Read More
Arrow Right

Privacy Counsel

We are on the lookout for a Privacy Counsel to join Delivery Hero Data Protectio...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
deliveryhero.com Logo
Delivery Hero
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience (3+ years) in data protection / privacy or related areas
  • An educational background in law, at least bachelor's or comparable degree (e.g. German First States Examination)
  • Excellent English language skills
  • Strong communication and stakeholder management skills, with experience influencing across different cultures and functions
  • Proactive, taking ownership, anticipating challenges, and actively supporting initiatives forward
Job Responsibility
Job Responsibility
  • Provide legal advice on data protection matters under global frameworks such as the GDPR
  • Provide expert, risk-based privacy advice to the business on new products, initiatives, and operational changes
  • Provide guidance on employee data protection (Beschäftigtendatenschutz), including policies and processes for handling employee personal data
  • Support the data mapping process and documentation of data processing activities, including the performance of data protection impact assessments (DPIAs)
  • Develop, implement, and maintain global privacy and data protection policies, notices, and internal procedures
  • Support the team’s communications to the DH Group management board, supervisory board, and business leadership teams
  • Conduct privacy maturity audits, ensuring consistency in reporting and remediation efforts
  • Support fine-related or other legal proceedings and investigations, including the development of mitigation plans
  • Monitor ongoing developments around AI governance and contribute to the improvement of AI governance frameworks
What we offer
What we offer
  • Hybrid working model
  • 27 days holiday with an extra day on 2nd and 3rd year of service
  • 1.000 € Educational Budget
  • Language Courses
  • Parental Support
  • Access to the Udemy Business platform
  • Health Checkups
  • Meditation
  • Yoga
  • Gym & Bicycle Subsidy
  • Fulltime
Read More
Arrow Right

Cybersecurity & Data Privacy Associate

A US law firm is seeking a Cybersecurity & Data Privacy Associate to join its dy...
Location
Location
United Kingdom , London
Salary
Salary:
180000.00 - 280000.00 GBP / Year
https://www.douglas-scott.co.uk Logo
Douglas Scott
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • England & Wales-qualified lawyer or equivalent
  • strong academic background
  • experience in cybersecurity and data privacy
  • experience with GDPR and UK privacy compliance frameworks
  • understanding of NIS2, DORA, and operational resilience laws
  • knowledge of M&A due diligence and data privacy aspects of transactions
  • ability to draft privacy policies, data protection agreements, and notices
  • passion for cybersecurity, data protection, and emerging technology law
  • knowledge of AI governance and regulation.
Job Responsibility
Job Responsibility
  • Advising on cybersecurity preparedness and incident response
  • managing regulatory investigations and enforcement actions, particularly with UK/EU regulators
  • assisting clients with building GDPR and UK privacy compliance frameworks, including NIS2, DORA, and operational resilience laws
  • supporting M&A due diligence and data privacy aspects of transactions
  • drafting privacy policies, data protection agreements, and notices
  • providing counsel on AI governance and emerging tech issues.
What we offer
What we offer
  • Top of the market US market salary
  • year-end bonus
  • comprehensive benefits package, including technology allowances, gym benefits, private medical insurance, enhanced parental leave
  • hybrid working model
  • access to top-tier training, mentoring, and real-time feedback
  • dedicated support for lateral hires through the firm’s Skadden Integration+ program
  • opportunities to participate in pro bono work through the firm’s collaboration with LawWorks.
  • Fulltime
Read More
Arrow Right

Privacy & AI Analyst

As Privacy & AI Analyst at Perk, you’ll help shape the future of privacy and AI ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
yokoy.io Logo
Yokoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passion for Privacy & AI in the evolving tech space
  • 2-5 years of experience in privacy, data protection, AI governance, compliance, information security, or a related field, ideally in a technology or SaaS environment
  • Practical knowledge of key Privacy & AI regulations and frameworks
  • Proven track record owning privacy operations end‑to‑end with no to minimal supervision
  • Ability to grasp complex technical concepts
  • Excellent problem‑solving and sound risk judgment
  • Clear, concise communication tailored to technical and non‑technical audiences
  • Self‑starter, able to prioritize impact over effort
Job Responsibility
Job Responsibility
  • Help build and evolve Perk's privacy and AI governance programs
  • Identify and assess privacy and AI risks
  • Manage our privacy and AI tooling stack
  • Keep policies and guidelines updated
  • Handle day-to-day privacy inquiries
  • Run core accountability activities
  • Partner with the Privacy Counsel & DPO to turn regulatory updates into practical guidance
  • Track and report key program performance metrics
  • Keep our privacy and AI governance programs aligned to GDPR, the EU AI Act, and other applicable laws
  • Support ISO 27701/27001/42001/23894 internal and external audits
What we offer
What we offer
  • Competitive compensation and equity ownership
  • Generous allocation of vacation days plus public holidays
  • Choice of private healthcare or a gym allowance
  • Life Insurance
  • Perk events
  • Access to 12x therapy and 12x coaching sessions
  • Flexible compensation plan
  • 17 weeks’ paid parental leave
  • 16 paid hours per year for volunteering
  • Up to 20 "Work from Anywhere" days per year
  • Fulltime
Read More
Arrow Right

Privacy & AI Analyst

As Privacy & AI Analyst at Perk, you’ll help shape the future of privacy and AI ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
yokoy.io Logo
Yokoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passion for Privacy & AI in the evolving tech space
  • 2-5 years of experience in privacy, data protection, AI governance, compliance, information security, or a related field, ideally in a technology or SaaS environment
  • Practical knowledge of key Privacy & AI regulations and frameworks
  • Proven track record owning privacy operations end‑to‑end with no to minimal supervision
  • Ability to grasp complex technical concepts
  • Excellent problem‑solving and sound risk judgment
  • Clear, concise communication tailored to technical and non‑technical audiences
  • strong drafting skills for policies, guidance, and training
  • Self‑starter, able to prioritize impact over effort
Job Responsibility
Job Responsibility
  • Help build and evolve Perk's privacy and AI governance programs
  • Identify and assess privacy and AI risks
  • Manage privacy and AI tooling stack
  • Keep policies and guidelines updated
  • Handle day-to-day privacy inquiries including DSR intake, responses, tracking, and escalation
  • Run core accountability activities like ROPAs, AI inventory, DPIAs/FRIAs, LIAs, TIAs, consent tracking, marketing opt-outs, and third-party due diligence
  • Partner with the Privacy Counsel & DPO to turn regulatory updates into practical, scalable guidance
  • Track and report key program performance metrics, trends, and risks
  • Keep privacy and AI governance programs aligned to GDPR, the EU AI Act, and other applicable laws
  • Support ISO 27701/27001/42001/23894 internal and external audits, evidence collection, and ongoing maintenance
What we offer
What we offer
  • 25 days of annual leave plus bank holidays
  • Competitive compensation and equity ownership
  • Private medical cover and voluntary dental insurance from Bupa
  • Discounted gym memberships with GymFlex
  • Company pension plan with Aviva
  • Life Insurance
  • Income protection
  • Tax-efficient cycle and electric car schemes with Cycle2Work & Octopus
  • Unforgettable Perk events
  • Access to 12x therapy and 12x coaching sessions via Spring Health
  • Fulltime
Read More
Arrow Right