CrawlJobs Logo

Lead Counsel - Data Protection

United States, Austin 170000.00 - 237000.00 USD / Year · Job Posted January 30, 2026
Apply Position
Job Link Share

Job Description

Meta is looking for a Lead Counsel (Data Protection) to advise on data protection issues primarily related to human resources and security-related matters. You will help drive high-profile, internal initiatives across the business involving complex legal and regulatory issues. This requires business acumen, a substantive knowledge of US privacy laws, and the capacity to both work independently and with large multi-stakeholder teams. We are looking for someone articulate and analytical, who is diligent, proactive, collaborative, and who has demonstrated exceptional legal and business judgment and strategic thinking. You should be enthusiastic about technology and its potential for positive impact in peoples’ lives.

Job Responsibility

  • Support Meta’s global privacy program, including by developing and improving privacy frameworks and processes to ensure we meet our obligations under global privacy laws
  • Support business teams in evaluating the impact of privacy laws, regulatory guidance, enforcement actions, and other obligations on new and existing HR and security processes and internal tools and features
  • Develop and maintain subject-matter expertise in relevant areas
  • Support members of the legal, policy, and business teams on privacy matters, including in areas related to data subject rights, recruitment, and use of AI in the workplace
  • Engage with privacy regulators in connection with new privacy features and initiatives

Requirements

  • Juris Doctor (JD) or equivalent law degree from an accredited institution
  • Active and in good standing bar license in at least one U.S. state or equivalent foreign bar license
  • 5+ years of legal experience as a practicing attorney, including at a law firm, in-house, or in government
  • Working knowledge of global privacy laws, regulations, privacy programs and industry guidelines
  • Effective communication, legal writing, and interpersonal skills
  • Demonstrated business judgment, client counseling, and strategic thinking skills
  • Experience working on multiple projects in a deadline-focused environment, delivering practical advice under pressure
  • Experience taking on projects involving different subject matters, and working with cross-functional organizations to drive alignment
  • Proven track record of delivering results with large-scale, cross-functional projects in a fast-paced environment
  • Experience making decisions in the face of ambiguity and evolving priorities

Nice to have

  • Employment law or HR experience
  • Experience of working on privacy and data protection issues arising in the context of areas such as HR data practices, security, incident response, or privacy program implementation/management
  • Experience supporting a global team at an Internet services and technology company

What we offer

  • bonus
  • equity
  • benefits

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead Counsel - Data Protection

8 matching positions

Director & Associate General Counsel – Data Protection Team Lead

We are looking for a senior-level legal leader within the EU Data Legal team. Th...
Location
Location
Ireland , Dublin
Salary
Salary:
Not provided
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Solicitor or barrister (qualified to practice law in at least one EU jurisdiction or the UK)
  • 10+ years of relevant post-qualification legal experience in data protection law, including EU/UK and, ideally, US regime
  • Experience of managing teams of legal professionals
  • Proven experience in designing, building, and executing complex, cross-jurisdictional legal programs in a fast-paced environment, ideally with tech industry experience
  • Experience in complex multi-jurisdictional incident response, including leading on responses to regulatory inquiries from EU and UK regulators
  • Demonstrated strategic leadership in areas such as continuous process improvement, AI adoption, and efficient resource management
  • Demonstrated ability to make and defend difficult and sensitive judgment calls on precedent-setting legal and compliance positions
  • Demonstrated ability to consult and coordinate with cross-functional partners to drive systemic, cross-functional change
Job Responsibility
Job Responsibility
  • Manage the privacy governance programs to support Meta group companies that offer services in the European region
  • Lead and direct improvements in processes and accountability documentation to address evolving legal requirements in a scalable and efficient way
  • Maintain a robust system and dedicated staffing for reporting relevant data security incidents across the EU and the UK
  • Lead on responses to regulatory enquiries from EU and UK regulators on data security incidents, requiring experienced senior judgment
  • Manage and direct legal advisory workstreams related to the personal data of Meta employees and contingent workers under EU, UK, and US law
  • Direct strategic programs for managing commercial contracts related to data use and data sharing, including driving efficiency initiatives like templatised contracts and the use of novel AI solutions
  • Manage a dedicated project management function to support the EU Data Legal team, driving initiatives to scale workflows and reduce lawyer time on non-legal tasks
  • Drive initiatives to share best practices in scale and efficiency to other EU legal teams
  • Ensure consistency and quality of legal advice provided by the team across all workstreams
  • Exercise excellent people skills, be a team player with a bias to action, and be motivated by the opportunity to solve complex, high-risk, multi-jurisdictional compliance matters
Read More
Arrow Right

Lead Counsel, Data Privacy

You will join as Senior Lead Counsel, Data & Privacy, with primary responsibilit...
Location
Location
United States , San Francisco; New York
Salary
Salary:
180000.00 - 270000.00 USD / Year
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • U.S. legal qualification (or foreign equivalent) and active license to practice in at least one US jurisdiction
  • 8 years of experience in an in‑house legal department and/or in private practice advising on technology, data and privacy issues related to technical platforms and products
  • Strong knowledge of US federal and state privacy and data‑security laws (such as CCPA/CPRA and GLBA/Reg P) and how they intersect with payments and broader financial‑services regulation, plus working knowledge of GDPR and Canadian/South American privacy requirements (such as LGPD)
  • Experience providing guidance on US related privacy adtech requirements and technologies, including varying consent frameworks under US state privacy laws, and operationalizing consent management requirements
  • Demonstrated experience partnering with technical teams (Product, Engineering, Information Security) to translate legal and regulatory requirements into practical technical designs, controls, and processes
  • Demonstrated experience advising on emerging US and global AI legal requirements and AI‑governance best practices, and experience advising on AI/ML tools, vendors, or products from a privacy and data‑protection perspective
  • Experience providing data and privacy legal support during security or privacy incidents, including incident assessment, notification analysis, and remediation planning
  • Excellent written and verbal communication skills, with the ability to explain complex legal concepts to non‑lawyers and senior executives, and to drive clear decisions in ambiguous, time‑sensitive situations
  • High degree of ownership, resilience, and pragmatism
  • comfortable working in a fast‑paced, high‑growth fintech environment and managing multiple complex matters in parallel
Job Responsibility
Job Responsibility
  • Serve as lead data and privacy counsel for the US and Americas region, providing risk‑based, business‑oriented advice on US, Canada, and South American, data protection, AI and cybersecurity issues (including cross‑border access and national‑security‑adjacent topics), grounded in global data protection regulation and frameworks
  • Spearhead AI governance development and implementation globally, providing guidance on relevant global and US AI frameworks and executing a fit-for-purpose AI governance approach at Airwallex, including developing and implementing AI policies, procedures, privacy-related AI mitigations, and accountability frameworks
  • Develop and help execute privacy and data protection compliance programs for the Americas, specifically focused on compliance with US federal and state consumer financial privacy frameworks (GLBA, FCRA, CalFIPA) compliance, Executive Order 14117, and comprehensive state privacy compliance
  • Partner closely with Product, Engineering, Information Security, Regulatory Legal, Regulatory Compliance, Commercial Legal and Risk to embed privacy‑ and security‑by‑design in product development, technical architecture, UX, and go‑to‑market, including by spearheading DPIAs/PIAs, AI risk assessments, and other privacy impact assessments
  • Draft, review, and negotiate complex data protection and data‑sharing terms (including DPAs, cross‑border transfer terms, and AI‑related clauses) with customers, vendors, financial partners, and other third parties, acting as an escalation point for high‑risk matters
  • Coordinate and oversee international data flows touching the Americas, ensuring appropriate transfer tools and governance (e.g. SCCs or equivalent), and supporting initiatives on data localisation, storage, and access controls
  • Co‑lead the privacy and data‑protection workstream for security and data incidents related to the Americas with Information Security and other stakeholders, including triage, investigation, regulatory and customer notifications, remediation, and lessons learned
  • Advise on high‑risk or novel processing activities (e.g. new AI use cases, advanced analytics, innovative platform and embedded‑finance data models), helping structure appropriate safeguards, governance, and documentation
  • Support interactions with US and Americas regulators and policymakers on privacy, cybersecurity, data‑access and related topics, in close coordination with Regulatory Legal and Regulatory Compliance
  • Help build and refine tools and processes for privacy workflows (e.g., intake, assessment, DPIA/PIA/DPIA for AI, ROPA, DSRs), including the use of specialist tooling, metrics, and dashboards to track and evidence compliance
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • medical, dental, and vision insurance
  • a 401(k) plan
  • short-term and long-term disability
  • basic life insurance
  • well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays
  • Fulltime
Read More
Arrow Right

Lead Counsel, Data Privacy

You will join as Senior Lead Counsel, Data & Privacy, with primary responsibilit...
Location
Location
United States
Salary
Salary:
160000.00 - 250000.00 USD / Year
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • U.S. legal qualification (or foreign equivalent) and active license to practice in at least one US jurisdiction
  • 8 years of experience in an in‑house legal department and/or in private practice advising on technology, data and privacy issues related to technical platforms and products
  • Strong knowledge of US federal and state privacy and data‑security laws (such as CCPA/CPRA and GLBA/Reg P) and how they intersect with payments and broader financial‑services regulation, plus working knowledge of GDPR and Canadian/South American privacy requirements (such as LGPD)
  • Experience providing guidance on US related privacy adtech requirements and technologies, including varying consent frameworks under US state privacy laws, and operationalizing consent management requirements
  • Demonstrated experience partnering with technical teams (Product, Engineering, Information Security) to translate legal and regulatory requirements into practical technical designs, controls, and processes
  • Demonstrated experience advising on emerging US and global AI legal requirements and AI‑governance best practices, and experience advising on AI/ML tools, vendors, or products from a privacy and data‑protection perspective
  • Experience providing data and privacy legal support during security or privacy incidents, including incident assessment, notification analysis, and remediation planning
  • Excellent written and verbal communication skills, with the ability to explain complex legal concepts to non‑lawyers and senior executives, and to drive clear decisions in ambiguous, time‑sensitive situations
  • High degree of ownership, resilience, and pragmatism
  • comfortable working in a fast‑paced, high‑growth fintech environment and managing multiple complex matters in parallel
Job Responsibility
Job Responsibility
  • Serve as lead data and privacy counsel for the US and Americas region, providing risk‑based, business‑oriented advice on US, Canada, and South American, data protection, AI and cybersecurity issues (including cross‑border access and national‑security‑adjacent topics), grounded in global data protection regulation and frameworks
  • Spearhead AI governance development and implementation globally, providing guidance on relevant global and US AI frameworks and executing a fit-for-purpose AI governance approach at Airwallex, including developing and implementing AI policies, procedures, privacy-related AI mitigations, and accountability frameworks
  • Develop and help execute privacy and data protection compliance programs for the Americas, specifically focused on compliance with US federal and state consumer financial privacy frameworks (GLBA, FCRA, CalFIPA) compliance, Executive Order 14117, and comprehensive state privacy compliance
  • Partner closely with Product, Engineering, Information Security, Regulatory Legal, Regulatory Compliance, Commercial Legal and Risk to embed privacy‑ and security‑by‑design in product development, technical architecture, UX, and go‑to‑market, including by spearheading DPIAs/PIAs, AI risk assessments, and other privacy impact assessments
  • Draft, review, and negotiate complex data protection and data‑sharing terms (including DPAs, cross‑border transfer terms, and AI‑related clauses) with customers, vendors, financial partners, and other third parties, acting as an escalation point for high‑risk matters
  • Coordinate and oversee international data flows touching the Americas, ensuring appropriate transfer tools and governance (e.g. SCCs or equivalent), and supporting initiatives on data localisation, storage, and access controls
  • Co‑lead the privacy and data‑protection workstream for security and data incidents related to the Americas with Information Security and other stakeholders, including triage, investigation, regulatory and customer notifications, remediation, and lessons learned
  • Advise on high‑risk or novel processing activities (e.g. new AI use cases, advanced analytics, innovative platform and embedded‑finance data models), helping structure appropriate safeguards, governance, and documentation
  • Support interactions with US and Americas regulators and policymakers on privacy, cybersecurity, data‑access and related topics, in close coordination with Regulatory Legal and Regulatory Compliance
  • Help build and refine tools and processes for privacy workflows (e.g., intake, assessment, DPIA/PIA/DPIA for AI, ROPA, DSRs), including the use of specialist tooling, metrics, and dashboards to track and evidence compliance
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • medical, dental, and vision insurance
  • a 401(k) plan
  • short-term and long-term disability
  • basic life insurance
  • well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays in a calendar year
  • Fulltime
Read More
Arrow Right

Legal Counsel & Data Protection Officer

As our Legal Counsel & Data Protection Officer (DPO), you will provide legal gui...
Location
Location
Salary
Salary:
Not provided
efficy.com Logo
efficy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Qualified lawyer with solid experience in commercial and corporate law
  • Strong expertise in GDPR and data protection regulations
  • Comfortable reviewing and negotiating complex commercial contracts
  • Organised, proactive, and solution-oriented with strong business acumen
  • Fluent in English (additional European languages are a plus)
  • Passionate about enabling business growth while ensuring compliance
  • Confident working cross-functionally and advising senior stakeholders
Job Responsibility
Job Responsibility
  • Draft, review, and negotiate customer agreements, NDAs, framework agreements, supplier contracts, and partner agreements
  • Conduct ongoing legal monitoring and assess the impact of new legislation
  • Ensure company-wide compliance with applicable legal requirements
  • Manage debt collection processes and handle customer disputes or litigation
  • Maintain corporate governance documentation, including board registrations and legal filings
  • Act as the primary legal advisor for all departments, providing practical and business-oriented guidance
  • Execute all statutory DPO duties in accordance with GDPR and applicable legislation
  • Act as the main point of contact for supervisory authorities and data subjects
  • Monitor compliance with data protection laws and internal policies
  • Lead privacy risk assessments across business activities
What we offer
What we offer
  • Strategic dual role with high visibility across the organization
  • Direct impact on legal governance and data protection strategy
  • Career growth opportunities and internal mobility
  • Modern offices in 11 European locations
  • Fun team events & continuous learning
  • Competitive salary with bonus system
  • Hybrid working policy
Read More
Arrow Right

Counsel, Privacy, Ai, And Data Protection

The Counsel for Privacy, AI, and Data Protection serves as the enterprise subjec...
Location
Location
United States , Lexington
Salary
Salary:
150000.00 - 175000.00 USD / Year
valvolineglobal.com Logo
Valvoline Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8-12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10-20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization
Job Responsibility
Job Responsibility
  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
What we offer
What we offer
  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • Fulltime
Read More
Arrow Right

Counsel, Privacy, AI, and Data Protection

Why Valvoline Global Operations? At Valvoline Global Operations, we're proud to ...
Location
Location
United States , Lexington
Salary
Salary:
150000.00 - 175000.00 USD / Year
valvoline.com Logo
Valvoline
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8–12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10–20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization
Job Responsibility
Job Responsibility
  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
What we offer
What we offer
  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • Fulltime
Read More
Arrow Right

UK Data Protection Officer

Through the effective day-to-day management of the UK Data Protection team, and ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in Privacy and Data Protection
  • Previous DPO experience
  • Degree level educated
  • Excellent written and oral communications skills
  • The ability to prioritise work and deliver results in a pressurised environment, through tactical and strategic planning
  • The ability to manage significant client contact, providing expert advice which demonstrates judgement and an understanding of the business
  • A demonstrated ability to develop strong relationships with internal clients
  • The ability to provide support to more senior roles in developing key client relationships through the design of leading-edge technologies
  • Self-motivated, with an ability to work with high degree of autonomy and to be results-driven with a flexible approach to working
  • The ability to work collaboratively with a broad range of constituencies
Job Responsibility
Job Responsibility
  • Ensure that the UK entities' legal and regulatory obligations for data privacy and protection across their licensed footprint are mapped to a comprehensive set of activities, processes and controls to enable compliance
  • Ensure that the global Horizon Scanning framework is embedded in the UK DP team's BAU with appropriate contributions to formal UK Compliance reporting including to the Change Committee
  • Manage the UK DP team, tracking and monitoring the effectiveness of delivery against key activities, in line with internal SLAs, to ensure regulatory compliance
  • Keep workloads and resource needs under close observation and proactively identify problems or inhibitors and escalate where appropriate for resolution
  • Identify development opportunities for direct reports and support the team pastorally
  • Engage closely with internal stakeholders in Infosec, IT and co-sourcing relationships in Claims to support the effective and efficient delivery of DSARs, e-discovery requests, and subpoenaed information as required
  • Oversee any externally outsourced DP provision for the UK entities in jurisdictions where they operate, working with regional DPOs as required where resources are shared
  • Where appropriate and within your expertise, provide advice and guidance on technical DP matters including DP contract clauses where the contract is governed by English law
  • Retain external advisors when needed to ensure appropriate levels of specialism are enlisted when required
  • Ensure UK DP-owned actions arising from all applicable audit, assurance and testing activities are completed on time
  • Fulltime
Read More
Arrow Right

Senior Legal Counsel - Data Privacy & Compliance

We’re hiring a Senior Legal Counsel dedicated to Data Privacy & Compliance - som...
Location
Location
United Kingdom , Dunstable
Salary
Salary:
Not provided
whitbreadinns.co.uk Logo
Whitbread Inns
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep expertise in UK data protection law (EU desirable)
  • Experience handling large volumes of consumer and/or employee data (B2C essential)
  • Strong policy‑writing skills — capable of building frameworks from scratch and owning them
  • Experience in drafting and implementing procedures, controls and compliance programmes
  • Comfortable engaging with senior stakeholders and influencing across the business
  • Ability to operate with a high level of autonomy and enthusiasm
  • Private‑practice background welcome
  • in‑house experience is a bonus, not a requirement
Job Responsibility
Job Responsibility
  • Lead on UK data protection compliance, advising across Whitbread’s end‑to‑end consumer and employee data lifecycle
  • Develop, maintain and embed group‑wide policies, procedures and data governance frameworks
  • Manage and optimise our relationship with the UK’s outsourced DPO
  • Provide best‑practice guidance to operations in Ireland, Germany and China
  • Deliver DPIAs, ROPAs, DSAR handling, and data‑related litigation management
  • Advise on CRM, digital marketing, cookies, and marketing consent
  • Draft and negotiate data processing/sharing agreements
  • Guide IT teams to ensure privacy is embedded from the very beginning of any change or initiative
  • Own and evolve a broad compliance portfolio, including: Code of Conduct governance and communication
  • Competition law risk and training
What we offer
What we offer
  • bonus
  • 10% matched pension
  • health care
Read More
Arrow Right