CrawlJobs Logo
Arrive Logo Arrive · Legal

Global Data Privacy Counsel

United States, Atlanta · Job Posted December 20, 2025
Apply Position
Job Link Share

Job Description

We are looking for a senior attorney with extensive experience in global data privacy, cybersecurity, commercial deals in the technology space, and regulatory matters to join our U.S. office within our global legal department as the Global Data Privacy Counsel and U.S. and Canada Privacy Officer. You will advise the business on complex privacy, data protection, cybersecurity, and emerging technology issues and play a leading role in designing, leading, and continuously improving our global data privacy program.

Job Responsibility

  • Serve as a trusted strategic legal advisor to executive leadership, business unit and function heads, and the governance committees on global privacy, data protection, and cybersecurity risks, as well as opportunities aligned with rapid business growth and innovation
  • Design, lead, and continuously evolve the global privacy and data protection program, ensuring it not only meets regulatory requirements but also supports scalable growth and competitive advantage in a fast-paced, high-growth environment
  • Partner closely with product, technology, payments, data, software and hardware sales, marketing, and strategy teams to embed privacy-by-design and data governance principles into all data-driven and payment-related initiatives
  • Advise on privacy, data protection, cross-border data processing, and emerging technologies (AI and machine learning), in connection with parking, public transport and other urban mobility technologies and data services (B2B, B2C), to help the company navigate these complex regulatory environments while accelerating innovation
  • Balance risk management with enabling agility—help business units achieve their ambitious growth objectives without compromising compliance or customer trust
  • Lead and manage a global, unified privacy and data protection team, including the EU Data Protection Officer and EU Privacy Program Manager, and serve as the global privacy and data protection leader responsible for harmonizing privacy and data protection practices across all regions
  • Act as the company’s U.S. and Canada Privacy Officer, overseeing all U.S.-specific and Canada-specific aspects of the global privacy and data protection program
  • Own enterprise-wide development, implementation, and continuous improvement of privacy and data protection policies, standards, and frameworks aligned with relevant global privacy and data protection-related regulations
  • Develop and maintain a privacy and data protection risk management framework and a dashboard of key privacy metrics to inform leadership decision making and monitor program effectiveness in a high-growth environment
  • Lead privacy and data protection audits and program assessments to ensure compliance and identify areas for improvement aligned with rapid company growth
  • Identify, assess, and manage emerging risks related to data privacy and data governance, providing timely reports and actionable insights to governance committees and senior leadership
  • Promote privacy-by-design methodologies in partnership with technology and product teams
  • Drive global privacy and data protection training and awareness programs, cultivating a culture of accountability and privacy-mindedness across diverse teams and geographies
  • Lead interactions with external counsel, auditors, and regulators to anticipate, influence, and respond to evolving privacy, data protection and cybersecurity regulations and issues
  • Facilitate and review privacy and data protection impact assessments (PIAs/DPIAs) for new products and strategic data-driven initiatives
  • Oversee compliance with cross-border data transfer, localization, and data sovereignty requirements, particularly in the context of large-scale data processing
  • Provide expert legal counsel and strategic advice on privacy and data protection-related provisions in commercial agreements (sales, third-party, etc.)—actively enabling and accelerating deals and sales while ensuring privacy and compliance are embedded in all business dealings, especially those with cross-border implications
  • Provide expert counsel on legal and ethical considerations related to AI, machine learning, and other emerging technologies, ensuring compliance with evolving AI governance frameworks and data ethics standards
  • Lead privacy risk assessments and governance frameworks for AI/ML projects to promote responsible and transparent AI
  • Support innovation while ensuring that AI-driven products and services meet high standards of privacy, security, and regulatory compliance
  • Lead and coordinate enterprise privacy incident response in collaboration with Information Security and senior leadership, minimizing legal risks and ensuring effective communication with internal and external stakeholders during an incident
  • Advise on proactive incident response plans to ensure efficiencies and collaboration across stakeholders while managing legal risk

Requirements

  • Juris Doctor degree from a reputable, accredited U.S. law school
  • Active license in good standing with one or more U.S. state bars (Georgia preferred)
  • 10+ years of progressive experience in data privacy and cybersecurity legal matters, with significant in-house experience at a high-growth, technology-driven company
  • Deep expertise and knowledge of and hands-on experience with U.S. and international data privacy, cybersecurity, and compliance laws and frameworks (including GDPR, CCPA/CPRA, PCI-DSS, ISO certifications, and other relevant global standards) and leading-edge AI regulations and frameworks
  • Demonstrated success in providing strategic legal counsel that balances risk management with enabling innovation and business growth, particularly in payments and data-driven initiatives
  • Proven experience leading global privacy and data protection programs, including managing privacy and data protection risk frameworks and governance
  • Experience managing external counsel, auditors, and regulators
  • Proven ability to lead, develop, and inspire diverse, global teams, including direct leadership experience with Data Protection Officers and other privacy professionals
  • Strong business acumen with the ability to translate complex legal concepts into clear, actionable advice that aligns with business objectives and supports deal-making and sales acceleration
  • Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels, including senior executives and cross-functional teams globally
  • Proficiency in using Governance, Risk, and Compliance (GRC) systems to manage privacy programs is a plus
  • A collaborative, flexible, and pragmatic mindset, eager to work across cultures and geographies in a fast-paced, high-growth environment
  • Written and verbal fluency in English required
  • additional language skills are a valuable asset

Nice to have

  • Proficiency in using Governance, Risk, and Compliance (GRC) systems to manage privacy programs is a plus
  • additional language skills are a valuable asset
Arrive - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Global Data Privacy Counsel

8 matching positions

Counsel – Privacy & Data Protection

Mastercard’s global Commercial and New Payment Flows (CNPF) Privacy team is seek...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Qualified lawyer with a strong academic foundation and solid legal training
  • Additional certifications (e.g., IAPP) are a plus
  • Keen interest in global data privacy developments and a working knowledge of privacy and data protection frameworks (e.g., GDPR
  • familiarity with others like CCPA is helpful but can be learned on the job) with some practical experience applying them, previous inhouse or technology/privacy exposure is beneficial
  • Familiarity with financial services, payments, or digital products is preferred, or a strong willingness to learn about these sectors
  • Experience with privacy platforms such as OneTrust is an advantage
  • Curiosity about digital technologies and an interest in how they intersect privacy and data governance
  • Proactive, practical, and eager to translate legal requirements into clear, usable guidance with support from senior team members
  • Strong verbal and written communication skills, with the ability to simplify complex information for non-legal audiences
  • Highly organized, detail-oriented, and able to manage multiple tasks in a fast-paced environment
Job Responsibility
Job Responsibility
  • Provide day to day privacy support to business teams, handling product queries and operational issues, and escalating complex matters where needed
  • Support the CNPF privacy team, including Move (Mastercard Send and Cross Border Services), by preparing guidance, assessments, and initial reviews for product initiatives and market expansion
  • Advise across the broader CNPF space (including B2B payments and SME solutions) on data use, AI enabled products, data flows, and controller/processor roles in multi party ecosystems
  • Embed Privacy by Design into the product lifecycle through initial impact assessments, risk screenings, and alignment with Mastercard’s privacy and AI governance frameworks
  • Assist with responses to government data requests, RFIs, and CDD inquiries by gathering inputs, preparing drafts, and ensuring compliance with internal and legal requirements
  • Support contracting by drafting and reviewing standard data protection terms, preparing for negotiations, and escalating higher risk issues
  • Monitor regulatory developments and contribute to legal scans, providing clear, practical summaries of key impacts
  • Help build privacy awareness across the business, including developing training materials and supporting capability building efforts
  • Collaborate across teams to ensure consistent application of privacy requirements and effective follow through on actions
  • Fulltime
Read More
Arrow Right

Lead Counsel, Data Privacy

You will join as Senior Lead Counsel, Data & Privacy, with primary responsibilit...
Location
Location
United States , San Francisco; New York
Salary
Salary:
180000.00 - 270000.00 USD / Year
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • U.S. legal qualification (or foreign equivalent) and active license to practice in at least one US jurisdiction
  • 8 years of experience in an in‑house legal department and/or in private practice advising on technology, data and privacy issues related to technical platforms and products
  • Strong knowledge of US federal and state privacy and data‑security laws (such as CCPA/CPRA and GLBA/Reg P) and how they intersect with payments and broader financial‑services regulation, plus working knowledge of GDPR and Canadian/South American privacy requirements (such as LGPD)
  • Experience providing guidance on US related privacy adtech requirements and technologies, including varying consent frameworks under US state privacy laws, and operationalizing consent management requirements
  • Demonstrated experience partnering with technical teams (Product, Engineering, Information Security) to translate legal and regulatory requirements into practical technical designs, controls, and processes
  • Demonstrated experience advising on emerging US and global AI legal requirements and AI‑governance best practices, and experience advising on AI/ML tools, vendors, or products from a privacy and data‑protection perspective
  • Experience providing data and privacy legal support during security or privacy incidents, including incident assessment, notification analysis, and remediation planning
  • Excellent written and verbal communication skills, with the ability to explain complex legal concepts to non‑lawyers and senior executives, and to drive clear decisions in ambiguous, time‑sensitive situations
  • High degree of ownership, resilience, and pragmatism
  • comfortable working in a fast‑paced, high‑growth fintech environment and managing multiple complex matters in parallel
Job Responsibility
Job Responsibility
  • Serve as lead data and privacy counsel for the US and Americas region, providing risk‑based, business‑oriented advice on US, Canada, and South American, data protection, AI and cybersecurity issues (including cross‑border access and national‑security‑adjacent topics), grounded in global data protection regulation and frameworks
  • Spearhead AI governance development and implementation globally, providing guidance on relevant global and US AI frameworks and executing a fit-for-purpose AI governance approach at Airwallex, including developing and implementing AI policies, procedures, privacy-related AI mitigations, and accountability frameworks
  • Develop and help execute privacy and data protection compliance programs for the Americas, specifically focused on compliance with US federal and state consumer financial privacy frameworks (GLBA, FCRA, CalFIPA) compliance, Executive Order 14117, and comprehensive state privacy compliance
  • Partner closely with Product, Engineering, Information Security, Regulatory Legal, Regulatory Compliance, Commercial Legal and Risk to embed privacy‑ and security‑by‑design in product development, technical architecture, UX, and go‑to‑market, including by spearheading DPIAs/PIAs, AI risk assessments, and other privacy impact assessments
  • Draft, review, and negotiate complex data protection and data‑sharing terms (including DPAs, cross‑border transfer terms, and AI‑related clauses) with customers, vendors, financial partners, and other third parties, acting as an escalation point for high‑risk matters
  • Coordinate and oversee international data flows touching the Americas, ensuring appropriate transfer tools and governance (e.g. SCCs or equivalent), and supporting initiatives on data localisation, storage, and access controls
  • Co‑lead the privacy and data‑protection workstream for security and data incidents related to the Americas with Information Security and other stakeholders, including triage, investigation, regulatory and customer notifications, remediation, and lessons learned
  • Advise on high‑risk or novel processing activities (e.g. new AI use cases, advanced analytics, innovative platform and embedded‑finance data models), helping structure appropriate safeguards, governance, and documentation
  • Support interactions with US and Americas regulators and policymakers on privacy, cybersecurity, data‑access and related topics, in close coordination with Regulatory Legal and Regulatory Compliance
  • Help build and refine tools and processes for privacy workflows (e.g., intake, assessment, DPIA/PIA/DPIA for AI, ROPA, DSRs), including the use of specialist tooling, metrics, and dashboards to track and evidence compliance
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • medical, dental, and vision insurance
  • a 401(k) plan
  • short-term and long-term disability
  • basic life insurance
  • well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays
  • Fulltime
Read More
Arrow Right

Lead Counsel, Data Privacy

You will join as Senior Lead Counsel, Data & Privacy, with primary responsibilit...
Location
Location
United States
Salary
Salary:
160000.00 - 250000.00 USD / Year
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • U.S. legal qualification (or foreign equivalent) and active license to practice in at least one US jurisdiction
  • 8 years of experience in an in‑house legal department and/or in private practice advising on technology, data and privacy issues related to technical platforms and products
  • Strong knowledge of US federal and state privacy and data‑security laws (such as CCPA/CPRA and GLBA/Reg P) and how they intersect with payments and broader financial‑services regulation, plus working knowledge of GDPR and Canadian/South American privacy requirements (such as LGPD)
  • Experience providing guidance on US related privacy adtech requirements and technologies, including varying consent frameworks under US state privacy laws, and operationalizing consent management requirements
  • Demonstrated experience partnering with technical teams (Product, Engineering, Information Security) to translate legal and regulatory requirements into practical technical designs, controls, and processes
  • Demonstrated experience advising on emerging US and global AI legal requirements and AI‑governance best practices, and experience advising on AI/ML tools, vendors, or products from a privacy and data‑protection perspective
  • Experience providing data and privacy legal support during security or privacy incidents, including incident assessment, notification analysis, and remediation planning
  • Excellent written and verbal communication skills, with the ability to explain complex legal concepts to non‑lawyers and senior executives, and to drive clear decisions in ambiguous, time‑sensitive situations
  • High degree of ownership, resilience, and pragmatism
  • comfortable working in a fast‑paced, high‑growth fintech environment and managing multiple complex matters in parallel
Job Responsibility
Job Responsibility
  • Serve as lead data and privacy counsel for the US and Americas region, providing risk‑based, business‑oriented advice on US, Canada, and South American, data protection, AI and cybersecurity issues (including cross‑border access and national‑security‑adjacent topics), grounded in global data protection regulation and frameworks
  • Spearhead AI governance development and implementation globally, providing guidance on relevant global and US AI frameworks and executing a fit-for-purpose AI governance approach at Airwallex, including developing and implementing AI policies, procedures, privacy-related AI mitigations, and accountability frameworks
  • Develop and help execute privacy and data protection compliance programs for the Americas, specifically focused on compliance with US federal and state consumer financial privacy frameworks (GLBA, FCRA, CalFIPA) compliance, Executive Order 14117, and comprehensive state privacy compliance
  • Partner closely with Product, Engineering, Information Security, Regulatory Legal, Regulatory Compliance, Commercial Legal and Risk to embed privacy‑ and security‑by‑design in product development, technical architecture, UX, and go‑to‑market, including by spearheading DPIAs/PIAs, AI risk assessments, and other privacy impact assessments
  • Draft, review, and negotiate complex data protection and data‑sharing terms (including DPAs, cross‑border transfer terms, and AI‑related clauses) with customers, vendors, financial partners, and other third parties, acting as an escalation point for high‑risk matters
  • Coordinate and oversee international data flows touching the Americas, ensuring appropriate transfer tools and governance (e.g. SCCs or equivalent), and supporting initiatives on data localisation, storage, and access controls
  • Co‑lead the privacy and data‑protection workstream for security and data incidents related to the Americas with Information Security and other stakeholders, including triage, investigation, regulatory and customer notifications, remediation, and lessons learned
  • Advise on high‑risk or novel processing activities (e.g. new AI use cases, advanced analytics, innovative platform and embedded‑finance data models), helping structure appropriate safeguards, governance, and documentation
  • Support interactions with US and Americas regulators and policymakers on privacy, cybersecurity, data‑access and related topics, in close coordination with Regulatory Legal and Regulatory Compliance
  • Help build and refine tools and processes for privacy workflows (e.g., intake, assessment, DPIA/PIA/DPIA for AI, ROPA, DSRs), including the use of specialist tooling, metrics, and dashboards to track and evidence compliance
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • medical, dental, and vision insurance
  • a 401(k) plan
  • short-term and long-term disability
  • basic life insurance
  • well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays in a calendar year
  • Fulltime
Read More
Arrow Right

Lead Privacy Counsel, Infrastructure & Data Governance

We are seeking a strategic, pragmatic, and proactive Privacy Counsel to join our...
Location
Location
United States
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • J.D. degree and membership in a state bar with good standing (or foreign equivalent)
  • 8+ years of relevant legal experience, including substantial experience advising on global privacy and data governance matters as in-house counsel
  • Demonstrated experience building and maintaining privacy compliance infrastructure, including data mapping, records of processing activities, governance frameworks, risk rubrics, and operational privacy processes
  • Demonstrated ability to operate independently, take ownership of complex cross-functional initiatives, and drive practical, scalable outcomes in a fast-paced environment
  • Ability to drive impact, outcomes and engagement using limited resources to get results
  • Established ability to balance multiple projects simultaneously and build consensus across cross-functional teams
  • Excellent written and verbal communication with ability to distill nuanced concepts into concise messages, write and edit for a variety of audiences (ranging from junior engineers to senior executives), and deliver polished presentations
Job Responsibility
Job Responsibility
  • Lead the development, implementation, and ongoing maintenance of Mozilla's core privacy compliance infrastructure, including enterprise data mapping and records of processing activities
  • Independently drive complex cross-functional privacy initiatives and operationalize scalable governance processes with minimal oversight
  • Evaluate and advise on evolving U.S., European, and international privacy and AI related regulatory developments and industry guidelines relevant to enterprise operations and internal data governance
  • Design and operationalize scalable global privacy compliance processes, controls, and documentation frameworks across Mozilla's internal systems and enterprise functions
  • Manage and advise on third-party privacy risk assessments, including vendor DPIAs, LIAs,TIAs, and related due diligence processes, using a scalable approach to manage and mitigate risk
  • Support and help manage Mozilla's privacy Mozilla's privacy incident response program, including triage, risk assessment, escalation management, documentation, and remediation coordination
  • Develop scalable training, intake, and operational processes to improve organizational privacy maturity and reduce friction for internal stakeholders, including by maintaining and implementing a robust privacy risk framework
  • Provide privacy advice in M&A transactions and post-close integration activities
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Senior Counsel, Privacy, AI & Data Responsibility

Mastercard is committed to balancing innovation with legal compliance and has em...
Location
Location
United States of America , Purchase; Arlington
Salary
Salary:
204000.00 - 325000.00 USD / Year
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Law degree required
  • Membership to a Bar (if permitted by law)
  • Solid expertise in AI legal frameworks
  • Strong understanding of global data protection laws (e.g., GDPR, CCPA)
  • Track record dealing with Artificial Intelligence projects, products or solutions
  • Good understanding of AI technologies, incl. Generative and Agentic AI
  • Ability to translate complex technical concepts into practical legal solutions
  • Ability to collaborate across functions and influence stakeholders
  • Exceptional interpersonal skills with proven experience in relationship building and partnering
  • Superior time management, planning, and organizational skills
Job Responsibility
Job Responsibility
  • Partner with the AI and Data Office to enable AI efforts, including big bets from a privacy and AI legal perspective
  • Work with business stakeholders to implement legal, technical, operational and administrative requirements for Mastercard's AI solutions and uses stemming from evolving AI regulations globally
  • Provide AI legal and privacy expertise to key initiatives furthering Mastercard AI Governance
  • Develop and review documentation on Mastercard's Responsible AI
  • Monitor regulatory guidance and enforcement on AI laws to assess evolving impact on Mastercard’s AI Compliance Program
  • Collaborate with Public Policy and Government Affairs on engagement efforts on evolving AI regulatory and policy initiatives
What we offer
What we offer
  • Insurance (including medical, prescription drug, dental, vision, disability, life insurance)
  • Flexible spending account and health savings account
  • Paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave)
  • 80 hours of Paid Sick and Safe Time
  • 25 days of vacation time and 5 personal days, pro-rated based on date of hire
  • 10 annual paid U.S. observed holidays
  • 401k with a best-in-class company match
  • Deferred compensation for eligible roles
  • Fitness reimbursement or on-site fitness facilities
  • Eligibility for tuition reimbursement
  • Fulltime
Read More
Arrow Right

Counsel, Privacy, Ai, And Data Protection

The Counsel for Privacy, AI, and Data Protection serves as the enterprise subjec...
Location
Location
United States , Lexington
Salary
Salary:
150000.00 - 175000.00 USD / Year
valvolineglobal.com Logo
Valvoline Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8-12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10-20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization
Job Responsibility
Job Responsibility
  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
What we offer
What we offer
  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • Fulltime
Read More
Arrow Right

Counsel, Privacy, AI, and Data Protection

Why Valvoline Global Operations? At Valvoline Global Operations, we're proud to ...
Location
Location
United States , Lexington
Salary
Salary:
150000.00 - 175000.00 USD / Year
valvoline.com Logo
Valvoline
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8–12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10–20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization
Job Responsibility
Job Responsibility
  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
What we offer
What we offer
  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • Fulltime
Read More
Arrow Right

Associate General Counsel, Privacy

Shopify's Regulatory and Privacy Legal team is the front line for every regulato...
Location
Location
United Kingdom;Ireland;United States
Salary
Salary:
Not provided
shopify.com Logo
Shopify
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Qualifying law degree and license to practice in the US, Canada, Ireland or the UK
  • 8+ years of relevant legal experience
  • Substantial experience advising on privacy and data protection matters, including both GDPR and CCPA
  • Technical curiosity
  • Experience managing outside counsel
  • Privacy certification (CIPP/US, CIPP/E, CIPM) is a plus but not required
Job Responsibility
Job Responsibility
  • Provide privacy counsel on complex product launches, new features, and strategic partnerships
  • Partner on managing regulatory relationships and responses for privacy-specific inquiries
  • Drive cross-functional privacy initiatives
  • Advise on data protection aspects of commercial agreements
  • Partner with Privacy Engineering and Trust on incident response, data governance, and compliance infrastructure
  • Maintain subject matter expertise in evolving global privacy law
  • Fulltime
Read More
Arrow Right