Privacy Law Job Listings

Background Pink

Privacy Law Job Listings - TeachPrivacy Training 01

 

PRIVACY LAW JOB LISTINGS

This page gathers privacy job listings. Check links for further details, including salary, qualifications, location, and responsibilities. We advise you to apply even if you don’t quite meet requirements for years of experience, as employers often don’t adhere strictly to such requirements. Please write to us if you know of privacy law job listings we should include.

NOTE: As we often don’t know when positions are filled, not all positions listed on this page are still open.  Posted dates are approximations.

*  *  *

A + E Global Media – Director, Privacy Counsel

Responsibilities:

  • Handle operational and transactional privacy program aspects in relation to A+E Global Media’s consumer websites and applications.
  • Ensure overall compliance with privacy and data protection laws, as well as industry best practices, to build consumer trust by embedding privacy-first design into products and services.
  • Support and monitor the operational aspects of A+E Global Media’s privacy program across consumer web sites and mobile/CTV apps to ensure that processes and practices meet applicable legal requirements, including privacy policies, data subject rights (DSR) requests, consent management platform (CMP) and privacy signals, vendor due diligence, and data maps.
  • Work closely with members of the privacy legal team, as well as other members of the broader legal team, and business partners throughout the organization, to manage and evolve a first-party data strategy and to meet ad sales, marketing, and other business goals.
  • Draft and negotiate Data Processing Agreements (DPAs) and privacy and data protection terms in contracts, especially with regard to ad sales and marketing agreements.
  • Identify and communicate potential privacy risks across the organization and stay informed of, and communicate, pertinent changes to, or developments in, privacy laws, regulations, standards, and guidance.

Posted April 04, 2025

VeraSafe – Privacy Counsel

Responsibilities:

  • Assessing client information systems for compliance with data protection laws and regulations
  • Drafting data protection agreements, addenda, and amendments
  • Advising clients on privacy-related product improvements
  • Researching legal issues and composing legal opinions/memoranda
  • Writing privacy law related articles and blog posts
  • Assisting in the development of in-house legal templates
  • Contributing to the development of internal procedures and methodologies
  • Collaborating with a team of intellectual peers who value cooperation and community.

Posted April 03, 2025

Foundation Medicine – Director, Privacy Counsel

Responsibilities:

  • Serve as a privacy subject matter expert to FMI for all privacy-related matters, with only limited need for consultation with outside counsel.
  • Maintain current knowledge of applicable privacy laws in the US (state and federal) and ex-US (e.g., European Union and foreign national laws), including in the areas of health information privacy, consumer privacy, genetic testing, DNA analysis, and human subjects research.
  • Advise FMI on matters related to informed consent, HIPAA authorization, and research protocols.
  • Advise FMI on de-identification, pseudonymization, and anonymization standards and requirements.
  • Support investigation, analysis, remediation, and notification of privacy and security incidents.
  • Support legal colleagues in drafting, reviewing, and negotiating data use and data protection terms in commercial agreements, vendor agreements, data sharing agreements (e.g., BAAs, DPAs, DUAs), research agreements, clinical trial agreements, and other collaboration agreements.
  • Work in strong partnership and collaboration with other members of the privacy team, and the broader legal and compliance department, to continually advance and maintain an effective and dynamic privacy program, including assisting with the development of policies and procedures, privacy training, and awareness activities.
  • Participate in certain internal FMI committees as a standing team member.
  • Prepare materials and make presentations, as necessary or requested.
  • Independently triage workflow, set clear priorities and expectations with stakeholders, and efficiently deliver results.

Posted April 03, 2025

NCR Voyix – Senior Privacy Counsel

Responsibilities:

  • Providing practical and business-focused legal advice on privacy and data protection requirements globally (including US Federal and State laws, GDPR, CCPA, and LGPD).
  • Exercising risk-based judgment on privacy concerns related to product and services offerings, including conducting privacy impact assessments and providing guidance on privacy by design.
  • Drafting and negotiating agreements containing privacy and security clauses with customers, suppliers, and partners.
  • Developing and delivering training on subjects related to data privacy and data protection.
  • Leading privacy due diligence in evaluating potential acquisitions and support the integration of acquired businesses into privacy program.
  • Collaborating with others to prepare, update and enforce policies and procedures related to data privacy and data protection.
  • Supporting the NCR Voyix incident response process for events involving regulated personal data.
  • Providing proactive guidance and support on various new compliance requirements.

Posted April 01, 2025

SHEIN Technology Inc. – Senior Privacy Counsel

Responsibilities:

  • Advise marketing, operations, information technology, and human resources teams on compliance with data protection laws, regulations, and practices in the Americas, focusing particularly on US privacy laws (ex: CCPA, COPPA, etc.), PIPEDA, and LGPD.
  • Conduct internal privacy assessments and compliance examinations, including privacy impact assessments, transfer impact assessments, and third-party risk management reviews.
  • Design, implement and maintain external privacy notices and related disclosures, as well as enterprise-wide data protection policies, procedures, and standards.
  • Advise on discussions with supervisory, regulatory, and data protection authorities.
  • Maintain and update form data protection agreements, related questionnaires, and assessments.
  • Assist marketing, information technology, security, human resources, and procurement teams in drafting, reviewing, and negotiating data protection related agreements.
  • Provide legal and strategic advice and guidance in support of cross-border data flows and related projects across SHEIN.
  • Foster a culture of privacy compliance and privacy by design.
  • Monitor legal and regulatory developments in data protection to anticipate emerging trends, spot issues, and help SHEIN make informed strategic decisions.

Posted April 01, 2025

SpaceX – Counsel, Data Protection & Privacy

Responsibilities:

  • Advise on and manage compliance with data protection laws in markets where we operate around the world
  • Drive initiatives to meet data protection best practices and regulatory requirements, in partnership with other attorneys, and the customer success, IT, and security teams
  • Maintain subject matter expertise in multiple areas of privacy, evaluating the impact of relevant global requirements and regulatory guidance
  • Respond to inquiries from data protection regulators
  • Negotiate data privacy and security provisions with suppliers, partners, and enterprise customers
  • Assist with incident response and related regulatory engagement
  • Communicate, educate, and train employees on data protection and privacy issues

Posted March 31, 2025

Postman – Privacy Counsel

Responsibilities:

  • Provide expert guidance on privacy compliance for marketing campaigns and operations, including email campaigns, digital advertising, and data analytics.
  • Counsel marketing and sales teams on the collection, use, and sharing of customer data, ensuring compliance with GDPR, CCPA, and other global privacy laws.
  • Work with engineering and operations teams to develop and implement privacy processes and controls for marketing, sales, and product initiatives.

Posted March 30, 2025

Raytheon – Associate Director, Data Privacy & Cyber Counsel

Responsibilities:

  • Provide day-to-day legal support to the Raytheon organization on all aspect of Data Privacy and Cybersecurity law
  • Assist with the development, implementation, and maintenance of data privacy and cybersecurity policies, standard work, playbooks, guidance, templates, and develop and deliver general awareness and targeted training
  • Partner with various stakeholders across the company to provide real-time, compliant Data Privacy and Cybersecurity advice to support business needs
  • Collaborate closely with enterprise-wide colleagues including the RTX Chief Privacy Counsel and Chief Cybersecurity Counsel
  • Assist the Risk Monitor and Analytics team with metrics building, risk monitoring and control review
  • Conduct privacy impact assessments and regular compliance-related risk assessments and develop and implement action plans
  • Review and negotiate Data Privacy and Cybersecurity contracts terms for supplier and customer contracts
  • Provide legal advice and counsel on the data privacy and cybersecurity aspects of mergers, acquisitions, and divestitures (MA&D), including on MA&D agreements, representations and warranties, and diligence
  • Manage the Raytheon Data Protection Officer (DPO) network and data privacy compliance manager

Posted March 29, 2025

Wabtec Corporation – Senior Director, Privacy Counsel

Responsibilities:

  • Develop and implement a global data privacy strategy that aligns with the company’s objectives, relevant laws and regulations, and industry best practices, including by drafting data privacy policies and procedures and internal and external facing privacy notices.
  • Collaborate with cross-functional teams, including HR, IT, and legal, to assess privacy and security risks and regulatory requirements and ensure a unified approach to data privacy.
  • Draft, review, and negotiate privacy and cybersecurity terms in contracts, data processing agreements, and other privacy-related agreements.
  • Conduct data protection impact assessments (DPIA) and regularly review and update risk assessments to identify and mitigate data protection risks.
  • Monitor relevant privacy and data protection laws and enforcement activities to ensure ongoing compliance, track emerging risks, and assess applicability of new laws to Wabtec.
  • Serve as a point of contact for data privacy inquiries and data subject requests from employees and external parties, including global data protection authorities.
  • Conduct third-party vendor reviews to assess vendor compliance with data privacy regulations.
  • Educate and train employees on data privacy and cybersecurity, in order to foster a culture of security and privacy within Wabtec.
  • Advise business units in assessing and responding to data privacy risks.
  • Work with IT to develop and implement an information security program, including assessing cybersecurity measures and response protocols.
  • Support the Legal response to cybersecurity incidents, including investigation, mitigation, notification, and remediation.

Posted March 29, 2025

Vimeo – Senior Privacy Counsel

Responsibilities:

  • Develop, implement, and oversee Vimeo’s privacy program, ensuring compliance with global data protection laws including GDPR, CCPA, and other relevant regulations.
  • Provide expert legal guidance on privacy and data protection matters related to product development, marketing, and third-party partnerships.
  • Draft, update, and enforce internal and external privacy policies, data protection agreements, and other legal documentation to reflect evolving legal requirements and industry best practices. Collaborate with product, engineering, and security teams to ensure privacy-by-design principles are embedded into product development and business operations. Develop and lead privacy training programs to promote a strong culture of data protection.
  • Partner with security and compliance teams to manage data breaches and security incidents, ensuring regulatory compliance and risk mitigation.
  • Stay up-to-date with global privacy laws and regulations and offer proactive guidance to internal stakeholders on potential implications. Engage with regulators when necessary and advocate for Vimeo’s interests in privacy matters.
  • Supervise and provide guidance to the Privacy Program Manager, ensuring successful execution of privacy initiatives.

Posted March 28, 2025

BBB National Programs – Senior Counsel, Youth Privacy & Technology

Responsibilities:

  • Onboard and advise participants in CARU’s COPPA Safe Harbor program including, but not limited to, reviewing privacy policies, and analyzing and ensuring ongoing compliance with COPPA and other applicable laws and best practices
  • Provide guidance and support on child-related technology and security legal issues to stakeholders
  • Review and assess COPPA Safe Harbor participant certification responses against program requirements
  • Collaborate with team members to monitor and research non-compliant companies and/or online services, initiate compliance remediation, and prepare public dispositional documents and/or reports for CARU’s self-regulatory investigatory purposes
  • Maintain ongoing communication with COPPA safe harbor participants through written compliance alerts, tips and webinars

Posted March 28, 2025

VIZIO – Senior Privacy Counsel

Responsibilities:

  • Provide counseling to stakeholders on legal requirements and best practices for privacy issues relating to retail sales and e-commerce, including but not limited to mobile app privacy, customer loyalty programs, online marketing, TCPA, CAN-SPAM, cookie compliance, geolocation, health-related advertising, financial data privacy, and children’s privacy,
  • Develop, manage, and improve internal compliance policies and practices relating to data governance.
  • Monitor and update external privacy policies and disclosures to align with business practices and regulatory requirements.
  • Assist in conducting and managing internal assessments of the Company’s privacy controls.
  • Coordinate with business stakeholders, outside consultants, and counterparty representatives to manage external assessments of Company’s business partners.
  • Provide counseling on safeguards relating to sensitive personal information categories.
  • Collaborate with other attorneys to review data privacy terms in Company agreements, which may include content licensing agreements, advertising services agreements, data licensing agreements, or other professional services contracts.
  • Evaluate issues from legal and business perspectives with a practical, business-oriented approach to problem solving, as well as handle complex business and legal issues in a fast-paced, agile, and evolving technology-driven business environment.
  • Maintain and continuously improve working knowledge of applicable state, federal, and global privacy laws, regulations, and industry standards.

Posted March 26, 2025

Walker & Dunlop – Vice President & Associate General Counsel, Technology and Data Privacy

Responsibilities:

  • Serve as the subject matter expert for domestic and international privacy, data licensing and AI implementation matters.
  • Build out operational and compliance related requirements regarding internal and external data usage, including managing external privacy providers and software vendors and leading process enhancements.
  • Collaborate and coordinate closely with our in-house technology and cybersecurity team, including the Chief Information Security Officer, to address privacy and data governance risks.
  • Lead negotiations for complex technology related contracts and agreements, including SaaS, data and software licensing and confidentiality agreements.
  • Balance business and contract goals against legal, business, policy and reputational risks.
  • Present and defend positions and views to business team members as well as counterparties.

Posted March 26, 2025

Medidata Solutions – Senior Counsel, Privacy & AI

Responsibilities:

  • Commercial Support: Partner with Medidata’s commercial team on matters relating to data privacy during contract negotiations with Medidata’s customers and partners.
  • Product Counseling: Advise Medidata’s R&D and Product teams on privacy-by-design best practices, including providing actionable advice on data privacy, data use, and data security requirements.
  • Privacy & AI Governance Program Support: Provide counsel and support to Medidata’s Privacy & AI Governance Program, including policy reviews, policy updates, assessment management, and audit support.
  • Cross-Functional Support: Coordinate with cross-functional partners such as our information security and global compliance teams on privacy related issue management.
  • Awareness: Maintain awareness of global privacy laws and regulations, and proactively advise Medidata’s business teams on the impact of developments in the law.
  • Regulatory Affairs: Engage and support Medidata’s leadership in privacy-focused industry groups.

Posted March 22, 2025

World – Senior Counsel, Privacy

Responsibilities:

  • Drive development and execution of the company’s strategies to address new and evolving global privacy requirements.
  • Lead on drafting new and updated privacy policies across the full range of TFH’s products.
  • Respond to and manage privacy related regulatory investigations.
  • Oversee the privacy policy safeguard life cycle end-to-end.
  • Maintain subject matter expertise in new and evolving areas of global privacy law and regulatory pressures.
  • Develop resources and tools that enable counsel across the company to provide durable and consistent advice on privacy issues.
  • Drive high-profile and high-impact projects involving privacy analysis with cross-functional stakeholders across the project’s business, policy, legal, communications, security, and other departments.

Posted March 21, 2025

Datadog – Privacy Counsel

Responsibilities:

  • Provide legal advice on privacy, data protection, and AI governance to teams across Datadog, including legal, product, engineering, information security, employment, and marketing
  • Develop and mature Datadog’s privacy program by updating policies and notices, advising on data subject requests, conducting privacy and AI risk assessments, and embedding privacy-by-design principles into our product development and business processes
  • Draft and negotiate privacy, data, and AI-related contracts with customers and vendors, acting as an escalation point for our commercial legal team
  • Play a crucial role in responding to privacy and security incidents, including our regulatory response and customer communications, by partnering with our security incident response, customer trust, engineering, and trust and safety teams
  • Monitor and assess global privacy, data protection, cybersecurity, and AI laws, conducting gap analyses and implementing requirements to ensure Datadog’s compliance

Posted March 19, 2025

Cardinal Health – Privacy Counsel

Responsibilities:

  • Serve as a functional expert working closely with and advising business leaders, commercial counsel, and other colleagues on privacy issues, including data protection, data retention, data usage, data security and data breaches
  • Review and negotiation of data privacy agreements, data processing agreements, business associate agreements and other similar privacy-related provisions
  • Advise on incident response and data breach reporting processes in coordination with the VP of Privacy
  • Collaborate with IT Security teams to ensure alignment between IT security and privacy compliance programs
  • Provide guidance, direction, and practical translation of privacy requirements to cross-functional teams on complex projects
  • Assist with the management of legislative and regulatory inquiries, investigations or administrative actions related to privacy and data security
  • Review policies and procedures to ensure compliance with applicable data privacy laws and regulations
  • Advise on the design and provision of the privacy training program
  • Remain up to date on legislative developments in Privacy at the state, federal and international level that may affect Cardinal Health
  • Support acquisitions, divestitures, and joint ventures as they relate to privacy matters

Posted March 19, 2025

ServiceNow  – Corporate Counsel, Privacy

Responsibilities:

  • Provide advice and guidance to various departments, including governance, risk and compliance, sales, product teams, procurement, and human resources, as part of the Global Privacy team.
  • Assist the commercial legal and procurement legal team by reviewing and negotiating privacy-related agreements, (e.g. DPAs, SCCs, International Data Transfer Agreements), in support of global sales and procurement transactions.
  • Advise on existing and emerging privacy laws in the US and across AMS generally.
  • Assist in privacy guidance to the business in relation to AI/ML and other emerging technologies.
  • Assist in the development of the company’s privacy practices in light of changes in the law in all Global territories, working in coordination with the Global Privacy team.
  • Assist in the creation and maintenance of privacy related notices, policies, standards, guidelines and processes, including carrying out privacy reviews and privacy impact assessments.
  • Assist in carrying out data transfer impact assessments and providing guidance in relation to international data transfer and data localization developments.
  • Assist in pursuing and maintaining privacy related Certifications and Standards.
  • Support privacy training for various groups within the company.
  • Advise on product related legal issues.

Posted March 18, 2025

Erie Insurance Group  – Counsel II – Data Privacy and Technology

Responsibilities:

  • Assists with the organization and direction of the company’s legal activities.
  • Assists in directing the defense of the company against suits or claims, and assists in initiating legal actions to support the company’s claims against others.
  • Provides legal counsel and guidance to officers and other personnel on corporate and operational matters involving legal problems.
  • Prepares or reviews proposed contracts, leases and other formal agreements and legal instruments in order to safeguard the company’s interests. Reviews drafts of ERIE’s insurance policies, forms and endorsements.
  • Drafts and revises insurance contracts and related documents to ensure conformity with applicable statutes, regulations, administrative orders, circulars, bulletins and other applicable legal authority.
  • Researches and interprets statutes, regulations, case law, insurance department bulletins and other applicable legal authority. Provides legal advice and guidance to various departments of the company.
  • Provides legal research, advice and guidance on insurance claims.
  • Reviews proposed and existing legislation affecting the Erie Insurance Group and advises and consults with General Counsel, Deputy General Counsel and Senior Counsel on the position of the company with regard to such matters.
  • Counsels and advises corporate personnel on legal issues including, but not limited to, those related to real and personal property, taxes, advertising, trademarks, copyright and promotion programs, contracts, personnel matters, public relations, underwriting and claims interpretation.
  • Participates in trade associations and regulatory and legislative hearings and meetings as directed or requested.

Posted March 18, 2025

Axiom – Data Privacy & Cybersecurity Lawyer

Responsibilities:

  • Provide legal advice and counsel on privacy compliance requirements and opportunities for improvement of privacy policies
  • Work with and advise business and compliance clients directly, as well as providing guidance and practical solutions
  • Maintain strong, collaborative relationships with internal business partners and stakeholders.
  • Experience providing legal advice regarding privacy, privacy impact assessments, data-sharing, and related issues

Posted March 15, 2025

AbbVie – Senior Counsel, Legal Privacy & Data Security

Responsibilities:

  • Strategic and day-to-day legal support for business functions (both aesthetics and therapeutics).
  • Monitor and advise on compliance and implementation positions for emerging data privacy laws.
  • Support global privacy contracts and M&A legal teams regarding data privacy legal questions, contract reviews, and negotiations.
  • Draft, review, negotiate, and manage data privacy and protection terms for a variety of transactional agreements, including master services agreements, professional services and consulting agreements, statements of work, BAAs, business technology agreements, and supply agreements.
  • Support the AbbVie privacy compliance office regarding the operation of AbbVie’s global privacy program.
  • Monitor and advise on the implications of privacy laws on artificial intelligence and emerging technologies.
  • Legal support for information security risk management team, including data breach analysis and response, third party risk management, and insider risk.
  • Draft and review privacy notice, consent, and contract templates, both globally and regionally.
  • Manage and supervise external privacy counsel work.

Posted March 13, 2025

Thomson Reuters – Assistant General Counsel, Privacy & Cybersecurity

Responsibilities:

  • Lead a team of attorneys and privacy professionals;
  • Monitor and track current and emerging data protection regulations and translate legal terms into business requirements, guidance, and advice;
  • Assist in the design, maintenance, and implementation of the Thomson Reuters Privacy Program, including drafting privacy policies and establishing related processes;
  • Collaborate with product and business teams to identify legal and privacy risks in product and system development and provide risk-mitigation counseling, including advising on privacy-by-design, reviewing PIAs, and conducting risk assessments;
  • Provide legal counsel to cybersecurity teams, including during investigations to ensure they are conducted and documented appropriately to minimize risks, protect individual privacy, and fulfill legal obligations arising from incidents;
  • Assist contracting teams in drafting, maintaining, and negotiating data protection agreements;
  • Otherwise provide legal counsel to the company and assist the Thomson Reuters Privacy Office in discharging its duties.

Posted March 12, 2025

Potomac Law – Privacy and Data Security Lawyer

Responsibilities:

  • Advising on compliance across all aspects of global privacy law and regulation, including data protection, data retention, data security and data breach rules.
  • Updating privacy policies, negotiating and drafting master services agreements in accordance with global privacy requirements and providing support to the development of guidelines, training and tools to support privacy accountability and compliance.
  • Working with and advising business and compliance clients directly, as well as providing guidance and practical solutions.

Posted March 11, 2025

Liberty Mutual Insurance – Privacy Counsel

Responsibilities:

  • Conducting legal research and analysis on existing and developing privacy laws and monitor and review new laws and regulations, including emerging requirements relating to Artificial Intelligence; identify and summarize relevant issues.
  • Supporting cross-company global projects involving personal information.
  • Provide advice and counsel to stakeholders and business partners on privacy matters, including advice on implementation of new requirements.
  • Understand data privacy regulatory landscape and support business operations to ensure compliance with best practices and data protection laws, including minimizing any potential risk.
  • Conducting privacy impact assessments and monitoring risk mitigation measures.
  • Drafting and reviewing legal documents including third party vendor agreements to include privacy controls, data transfer agreements, and privacy notices and policies.
  • Supporting third party risk management processes related to privacy.
  • Drafting privacy notices and privacy policies.
  • Assist with responses to subject access requests.
  • Assisting with data classification and electronic record management efforts related to applications involving personal data.
  • Identifying privacy training needs of Company personnel; develops and delivers training through various mechanisms including written materials, classroom, and presentations.

Posted March 10, 2025

Cimpress Technology – Privacy Counsel, Technology

Responsibilities:

  • Providing pragmatic and actionable legal advice on U.S. privacy laws, including CCPA/CPRA, and their intersection with product development, digital advertising, and data processing activities.
  • Providing advice on privacy compliance for cookies, analytics, and tracking technologies, ensuring alignment with U.S. regulatory requirements.
  • Leading cross-functional privacy compliance projects, including building privacy operations processes such as DSAR, implementing privacy frameworks within Cimpress business units, and data mapping initiatives.
  • Supporting the design, implementation, and enhancement of privacy programs, including the operationalization of privacy principles and processes.
  • Working closely with global privacy team members to support the implementation and management of international privacy programs within the business units.
  • Conducting training and raising awareness on privacy compliance topics for teams across Cimpress and the business units.
  • Collaborating with product, developers, engineers, HR, and other teams to embed practical privacy solutions into operations and software development lifecycles.
  • Staying up to date on evolving U.S. privacy laws and enforcement trends, communicating potential impacts to stakeholders.
  • Participating and leading Incident response investigations and notifications to authorities

Posted March 07, 2025

Great Minds – Senior Counsel – Privacy

Responsibilities:

  • Provide legal guidance on compliance with education-focused privacy laws, including FERPA, COPPA, SOPIPA, state student privacy laws, and applicable regulations.
  • Partner with product and business teams to ensure privacy principles are embedded into curriculum development and digital platforms.
  • Draft, review, and negotiate privacy and data security terms in contracts with schools, districts, vendors, and technology partners.
  • Develop and implement policies and best practices for handling student and educator data in compliance with legal and ethical standards.
  • Monitor and interpret emerging privacy laws and regulatory trends, advising leadership on their impact on K-12 education.
  • Conduct internal privacy risk assessments and develop frameworks for data governance, security, and incident response.
  • Provide training and guidance to internal teams on privacy compliance, data protection, and best practices for handling student and educator data.

Posted March 06, 2025

Baker Hughes  – Privacy Counsel

Responsibilities:

  • Managing and supporting incident response from a privacy perspective (including Data Loss Prevention – DLPs).
  • Managing data privacy aspects of Data Subject Access Requests (DSARs) and support data owners with responding to DSARs.
  • Supporting Data Transfer Impact Assessments for cross-border personal data transfers.
  • Conducting Privacy Impact Assessments as required.
  • Supporting Segments, Regions and relevant Functions with the effective implementation of the Data Privacy Program.
  • Managing and/or support enterprise-wide projects that have a data privacy aspect/impact.
  • Developing and delivering privacy compliance training.
  • Supporting data privacy audits (both internal and external audits).
  • Monitoring data privacy regulatory developments (horizon scanning) and contribute to the update of the team’s regulatory developments tracker.
  • Supporting the review and update of privacy policies and procedures.

Posted March 04, 2025

KAYAK  – Senior Privacy and Security Counsel

Responsibilities:

  • Lead and enforce a global privacy program, aligning with senior partners and global cross-functional teams.
  • Partner with Commercial, Partnerships, Engineering, Product, and Security teams to provide guidance on privacy laws and global regulations (e.g., GDPR, CPRA, FTC).
  • Counsel on product, privacy, and regulatory matters, serving as an expert on global privacy, data, product design, and information security.
  • Identify and mitigate risks in product, regulatory, privacy, and AI spaces while building scalable innovation processes.
  • Draft and negotiate detailed privacy agreements, including those with AI components or integration partnerships.
  • Write public-facing product and privacy disclosures, disclaimers, and terms of use.
  • Maintain expertise in global privacy and consumer protection laws relevant to our brands

Posted March 04, 2025

Univision  – Senior Director, Privacy Counsel

Responsibilities:

  • Manage a best-in-class privacy framework for a growing digital/streaming business, directly advising senior business leaders and engineering teams
  • Expand and refine effective, practical controls for data collection, management, use, and storage/retention in alignment with global laws
  • Conduct Privacy Impact Assessments to analyze risks in new or updated products, platforms, and infrastructure, simultaneously building a digital library of product and legal documentation
  • Draft and negotiate appropriate privacy terms in various agreements with appropriate data use rights, including Data Protection Agreements and complex ad tech agreements
  • Provide guidance on information incident management, participate on our Information Incident Response Team, and coordinate tabletop exercises
  • Monitor developments in privacy laws, regulations, and privacy-enhancing technologies and brief senior leadership on potential business impacts or opportunities

Posted March 03, 2025

Neurocrine Biosciences  – Senior Privacy Counsel

Responsibilities:

  • Design, implement, and maintain a comprehensive privacy program aligned with U.S. and international regulations, including but not limited to GDPR, UK GDPR, HIPAA, Switzerland’s FADP, TCPA, CAN-SPAM, and various U.S. state privacy laws
  • Develop and enforce company-wide privacy policies, standards, and procedures
  • Develop and deliver privacy training programs to educate employees on data protection obligations and best practices
  • Monitor developments in privacy laws and regulations globally, providing actionable guidance to the business on maintaining compliance
  • Ensure appropriate processes are in place for compliance with data protection regulations, including data subject rights, data processing activities, and cross-border data transfers
  • Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs)
  • Identify and remediate privacy risks, working collaboratively with relevant stakeholders
  • Serve as a key advisor to cross-functional teams, including IT, HR, marketing, and R&D, on privacy-related matters
  • Collaborate with legal counsel and external stakeholders on privacy issues and incidents
  • Lead and/or collaborate with colleagues on the investigation and resolution of any privacy incidents, including regulatory notifications and root-cause analyses
  • Provide regular updates to the leader and senior management on privacy compliance status, risks, and initiatives
  • Other duties as assigned

Posted March 01, 2025

Asana  – Lead Privacy Counsel

Responsibilities:

  • Provide clear and practical advice to various teams throughout Asana on privacy and data protection laws, privacy-by-design, and data governance.
  • Develop and implement strategies around compliance with new and developing privacy and cybersecurity laws.
  • Help the business achieve their goals by advising on global compliance needs for customers in regulated industries like financial services, healthcare, and government.
  • Support Asana’s efforts towards achieving FedRAMP.
  • Keep up to date with new and existing data protection regulations and regimes, including but not limited to GDPR, LGPD, state privacy laws, privacy related AI regulations, and data transfer mechanisms.
  • Conduct DPIAs, privacy assessments, legitimate interest assessments, and other assessments for internal data processing activities and third-party vendors.
  • Be an ambassador for Asana’s privacy, data governance, and regulatory compliance program by delivering training and building out documentation and other programming.
  • Support global incident response and mature documentation and procedures.
  • Contribute to Asana’s global growth by supporting global privacy, data protection, and data governance initiatives.

Posted March 01, 2025

Clarivate  – Privacy Legal Counsel

Responsibilities:

  • Serve as privacy lead for the Academic and Government business segment of Clarivate
  • Serve as primary contact for privacy and data protection related inquiries from internal stakeholders and customers
  • Provide actionable advice and legal counsel on privacy and data protection requirements and privacy-by-design best practices to product teams
  • Draft and negotiate privacy related provisions in commercial agreements, including data processing agreements
  • Operate across a range of privacy laws and frameworks, including GDPR, COPPA, CCPA/CPRA and other U.S. state privacy laws, PIPEDA
  • Work collaboratively and cross-functionally with colleagues and stakeholders to drive privacy-forward solutions for long term strategic efficiency
  • Assist the business in improving processes and systems to meet or exceed privacy and data protection compliance requirements, with an eye toward scalable and sustainable practice
  • Provide employee training and raise awareness on privacy and data protection obligations
  • Stay abreast of global privacy and data protection laws, regulations, and enforcement actions

Posted March 01, 2025

Alliant – The Audience Company  – Counsel, Privacy, Security & Data Governance

Responsibilities:

  • Monitor for current and emerging regulatory developments (CCPA/CPRA; other State privacy and data broker laws; FCRA, FTC marketing guidance and more) and translate legal terms into data governance and privacy business requirements, providing regular updates to leadership and stakeholders.
  • Establish and manage data governance rules to work cross team to operationalize to enable principles such as privacy by design; data minimization; data suppressions, consent, DPIAs etc. as required.
  • Oversee data lifecycle management and ensure compliance, including data ingestion, classification, retention, and disposal processes.
  • Define and implement processes, workflows, and training material to equip support teams with the tools needed to maintain compliance.
  • Assist the team to record data protection impact assessments where required, and to identify and implement privacy controls and safeguards to mitigate risks.
  • Draft privacy notices and review consumer-facing material, including marketing and communications campaigns, for compliance with applicable privacy and data governance and protection requirements.
  • Maintain and update records of processing activities and data maps for all personal data processing activities, ensuring adherence to data protection laws, regulations, and standards.
  • Provide counsel and oversight to ensure preparedness for managing potential data security incidents and other events in compliance with regulatory and disclosure requirements including leading incident investigations, conducting data breach analysis and response efforts, investigations and managing third-party and insider risk assessments.

Posted March 01, 2025

Medidata Solutions  – Senior Counsel, Privacy & AI

Responsibilities:

  • Commercial Support: Partner with Medidata’s commercial team on matters relating to data privacy during contract negotiations with Medidata’s customers and partners.
  • Product Counseling: Advise Medidata’s R&D and Product teams on privacy-by-design best practices, including providing actionable advice on data privacy, data use, and data security requirements.
  • Privacy & AI Governance Program Support: Provide counsel and support to Medidata’s Privacy & AI Governance Program, including policy reviews, policy updates, assessment management, and audit support.
  • Cross-Functional Support: Coordinate with cross-functional partners such as our information security and global compliance teams on privacy related issue management.
  • Awareness: Maintain awareness of global privacy laws and regulations, and proactively advise Medidata’s business teams on the impact of developments in the law.
  • Regulatory Affairs: Engage and support Medidata’s leadership in privacy-focused industry groups.

Posted February 28, 2025

Lowes  – Senior Corporate Counsel – Privacy, Compliance, and AI Governance

Responsibilities:

  • Privacy Program Development: Lead the design and implementation of a robust privacy program that aligns with business objectives and regulatory requirements, ensuring effective risk management and operational excellence.
  • Compliance Oversight: Monitor and ensure compliance with applicable privacy laws and regulations, including GDPR, CCPA, and other relevant frameworks. Develop policies and procedures to maintain compliance.
  • AI Governance: Provide legal guidance on the ethical and compliant use of AI technologies, advising on risk assessments, data usage, and regulatory considerations.
  • Product Counsel Participation: Collaborate with cross-functional teams, including product development, engineering, and data science, to integrate privacy-by-design principles into the product lifecycle.
  • Privacy Operations Management: Oversee day-to-day privacy operations, including data subject requests, privacy impact assessments, and incident response planning.
  • Training and Awareness: Develop and deliver training programs on privacy compliance and best practices to foster a culture of privacy within the organization.
  • Stakeholder Engagement: Serve as a key point of contact for privacy-related inquiries, working closely with internal stakeholders, senior management, and external partners.
  • Regulatory Liaison: Engage with regulatory bodies and industry groups to stay abreast of changes in privacy laws and emerging trends, representing the company’s interests.

Posted Feb. 26, 2025

Generac  – Corporate Counsel – Regulatory & Data Privacy

Responsibilities:

  • Provide actionable, risk-based advice on global product and data privacy regulation
  • Develop and implement policies and processes to champion best practices and product and data privacy regulatory compliance
  • Direct and oversee outside counsel in matters of product regulation and data privacy
  • Partner with other members of the Legal Department, and business and functional team, to provide strategic, business-oriented legal guidance to aid the successful execution of initiatives
  • Perform other responsibilities as assigned

Posted Feb. 25, 2025

VF Corporation  – Senior Counsel, Privacy & Cyber Security

Responsibilities:

Your primary responsibility as Senior Counsel, Cyber Security & Privacy, is to provide in-house privacy and cybersecurity expertise; including, support of the Cyber Security Program throughout VF and its brands, with a focus on the Americas region as well as global coordination with other VF regions. This also includes strategic direction of the Americas Privacy Operations and Compliance Program to ensure an enterprise-wide approach to consumer and employee privacy that reflects compliance with law, strong data ethics and a commitment to transparency and integrity.

Posted Feb. 20, 2025

Kerwin Associates  – Associate General Counsel, Product, Privacy and AI

Responsibilities:

  • Be an integral member of company-wide and legal team leadership, helping scale the business and the legal function at Anaconda.
  • Serve as the subject matter expert for product, privacy, AI and IP matters while building out a high-impact legal team supporting the same.
  • Product: Lead, manage, and build out a high-impact Product Legal function alongside Product and Engineering leadership, including building out a product counseling and engineering advising processes that is scalable and strategic and deeply operational in nature.
  • Privacy: Build out operational and compliance related requirements regarding internal and external data usage, including managing external privacy providers and software vendors, leading process enhancements, and serving as the go-to escalation point for privacy related issues.
  • AI: Provide internal and external thought leadership regarding Anaconda’s AI usage among a variety of stakeholders, helping propel smart AI usage given Anaconda’s products offering that serve as the foundational platform for AI
  • IP: Own IP strategy, including developing a defined point of view on issues related to our open source community, our patent and trademark portfolio, and ways to communicate and operationalize the same.
  • Commercial: Partner closely with commercial legal to ensure product legal approach matches commercial legal approach and that data expertise on our commercial team is leveraged, integrated and organized effectively.
  • Partner closely with our Security and IT teams, including on all things data and data flows, risk-appropriate guidance, incident response, policies and procedures, compliance offerings, risk management, and other areas of shared interest and responsibility.

Posted Feb. 19, 2025

Barnes & Noble Education  – Vice President, Associate General Counsel and Chief Privacy Officer

Responsibilities:

  • Advise on North American privacy and data protection laws, including CCPA, as amended, PIPEDA, HIPAA, and GDPR and other relevant laws, rules and regulations pertaining to consumer privacy, data security and emerging technologies such as artificial intelligence.
  •  Provide legal guidance on AI-related issues, including compliance with laws regulating automated decision-making, algorithmic transparency, and the use of artificial intelligence for consumer profiling and inference generation.
  •  Draft, review, and negotiate legal agreements with privacy and artificial intelligence implications, including data protection agreements, data protection impact assessments, technology contracts, artificial intelligence development/vendor agreements and other relevant documents
  •  Comprise part of triage incident response team and manage responses to cybersecurity incidents, investigations, and compliance matters in collaboration with the Chief Information Officer, Chief Information Security Officer, and Information Security Team.
  •  Monitor and analyze legal developments in privacy and artificial intelligence to identify potential risks and opportunities, ensuring the organization remains proactive in adapting to regulatory changes.
  •  Develop and update corporate policies related to privacy, cybersecurity, records retention, the ethical use of artificial intelligence technologies, and data governance.

Posted Feb. 18, 2025

World  – Deputy General Counsel, Global Privacy

Responsibilities:

  • Member of legal leadership, helping to build and support the strategy for the legal team in collaboration with other legal leads.
  • Lead and help develop our Privacy Legal team, responsible for privacy, security and AI related legal guidance, in partnership with other legal teams.
  • Responsible for compliance efforts with globally privacy and data protection regulations around the world, through the development and maintenance of a global privacy program, including training, auditing, reporting, and more.
  • Establish and maintain relationships with regulatory, governmental, industry, and peer groups on privacy and data security issues.
  • Oversee Privacy related regulatory investigations response work, in partnership with the Market Operations Legal and Regulatory and Litigation teams.
  • Work closely with legal subject matter experts to ensure privacy regulatory compliance.
  • Act as legal POC for the Information Security team, including on incident response matters.
  • Help scale the legal organization by developing innovative processes in partnership with other legal teams to support privacy initiatives in a fast-moving Engineering, Product, and Design teams.
  • Stay abreast of emerging legal trends and best practices in the tech industry, and provide thought leadership within the legal team and the company.
  • Inspire and energize the Privacy team, empowering each teammate to do the best work of their lives.

Posted Feb. 18, 2025

Snap Inc.  – Counsel, Privacy & Cybersecurity

Responsibilities:

  • Partner closely with Snap’s Engineering Security team to provide legal and strategic advice on a range of matters, including vendor due diligence and third party privacy and security assessments, governance, risk and compliance, and privacy and security incident response
  • Collaborate with stakeholders to help create, improve, and enforce Snap’s data security policies, standards, and practices, assuring they meet global legal requirements
  • Ensure Snap’s data processing globally complies with all applicable privacy laws, including the EU General Data Protection Regulation (GDPR) and state and federal consumer protection and privacy laws
  • Partner with Product Counsel on complex issues as they emerge in the development of new products and technologies, including privacy, data security, and encryption
  • Help continue to improve over time Snap’s privacy-by-design requirements, working closely with Snap’s Privacy Engineering team
  • Analyze potential legal risks and regulatory requirements for new products and technologies
  • Conduct privacy due diligence reviews, privacy impact assessments, and integration plans for potential acquisitions and partnerships
  • Help draft public-facing descriptions of new products and technologies
  • Track and analyze proposed, pending and new domestic and global privacy, data security, and consumer legislation that could impact the business and recommend any potential or necessary modifications to practices, as well as advise Policy team on lobbying priorities
  • Conduct periodic privacy and security trainings across the company

Posted Feb. 15, 2025

Department of Justice – Commissioner for Data Protection

Responsibilities:

The mission of the Data Protection Commission (“the DPC”) is “Safeguarding data protection rights by driving compliance through guidance, supervision and enforcement”. The DPC is the national independent authority in Ireland responsible for upholding the fundamental right of individuals in the European Economic Area (EEA) to have their personal data protected. Accordingly, the DPC is the Irish supervisory authority responsible for monitoring the application of the General Data Protection Regulation (GDPR), which has applied from the 25th of May 2018. The GDPR provides for higher standards of data protection for individuals and imposes more detailed obligations on bodies in the public and private sectors that process personal data.

There are currently two Commissioners for Data Protection, who were appointed by Government with effect from 20 February 2024. It is intended to appoint one further Commissioner, on the conclusion of this competition. The successful candidate will be appointed as Commissioner for Data Protection for a 5-year term in accordance with the governing legislation.

Posted Feb. 14, 2025

SpaceX  – Counsel, Data Protection & Privacy

Responsibilities:

  • Advise on and manage compliance with data protection laws in markets where we operate around the world
  • Drive initiatives to meet data protection best practices and regulatory requirements, in partnership with other attorneys, and the customer success, IT, and security teams
  • Maintain subject matter expertise in multiple areas of privacy, evaluating the impact of relevant global requirements and regulatory guidance
  • Respond to inquiries from data protection regulators
  • Negotiate data privacy and security provisions with suppliers, partners, and enterprise customers
  • Assist with incident response and related regulatory engagement
  • Communicate, educate, and train employees on data protection and privacy issues

Posted Feb. 14, 2025

CLEAR  – Privacy Counsel

Responsibilities:

  • Own privacy and data protection-related inquiries from external stakeholders, senior leadership, and across the company, providing strategic and practical advice on legal requirements and compliance
  • Provide counsel on regulatory developments, including the ongoing monitoring and tracking of trends in privacy and security laws, enforcement, regulations, and public policy
  • Design, implement and enhance the company’s privacy framework, including policies, processes and procedures, and conduct awareness and training efforts to enhance team members’ understanding of data privacy obligations and compliance, data privacy policies, data handling practices and procedures
  • Scope international privacy compliance requirements to support our expanding business, and collaborate with technology and product stakeholders to ensure that CLEAR meets those requirements
  • Own implementation of compliant solutions to existing and new legislative and regulatory developments to ensure ongoing compliance
  • Oversee drafting, review, and negotiation of data protection templates and assist as needed with other privacy-related contractual terms with vendors, partners, and customers

Posted Feb. 14, 2025

KAYAK  – Senior Privacy and Security Counsel

Responsibilities:

  • Lead and enforce a global privacy program, aligning with senior partners and global cross-functional teams.
  • Partner with Commercial, Partnerships, Engineering, Product, and Security teams to provide guidance on privacy laws and global regulations (e.g., GDPR, CPRA, FTC).
  • Counsel on product, privacy, and regulatory matters, serving as an expert on global privacy, data, product design, and information security.
  • Identify and mitigate risks in product, regulatory, privacy, and AI spaces while building scalable innovation processes.
  • Draft and negotiate detailed privacy agreements, including those with AI components or integration partnerships.
  • Write public-facing product and privacy disclosures, disclaimers, and terms of use.
  • Maintain expertise in global privacy and consumer protection laws relevant to our brands

Posted Feb. 11, 2025

Mastercard  – Senior Counsel

Responsibilities:

  • Engage with business and legal stakeholders to conduct privacy by design reviews for new features of the Dynamic Yield personalization platform and decision engine, and accelerate Mastercard’s initiatives related to digital commerce.
  • Support synergies between personalization platform and other Mastercard technology such as loyalty products and services while: (i) ensuring compliance with corporate standards and privacy and data protection laws including GDPR, GLBA, HIPAA and CCPA, (ii) coordinating with regional counsel to ensure compliance with other laws, and (iii) engaging with outside counsel when needed.
  • Draft and negotiate data processing terms and agreements with vendors and customers, including in relation to international data transfers, consent and notice representations and other liabilities.
  • Review privacy policies and documentation practices, and overall data practices.
  • Identify business requirements resulting from new and evolving privacy laws and regulations and provide guidance and thought leadership on topics relevant to the Services organization, including but not limited to cookie regulations and artificial intelligence.
  • Educate the business on legal developments and controls for the further development of products and services within the Services organization.
  • Document and update a range of stakeholders including executives on identified privacy compliance gaps and recommended remedial measures.

Posted Feb. 07, 2025

Medidata Solutions  – Senior Counsel, Privacy & AI

Responsibilities:

  • Commercial Support: Partner with Medidata’s commercial team on matters relating to data privacy during contract negotiations with Medidata’s customers and partners.
  • Product Counseling: Advise Medidata’s R&D and Product teams on privacy-by-design best practices, including providing actionable advice on data privacy, data use, and data security requirements.
  • Privacy & AI Governance Program Support: Provide counsel and support to Medidata’s Privacy & AI Governance Program, including policy reviews, policy updates, assessment management, and audit support.
  • Cross-Functional Support: Coordinate with cross-functional partners such as our information security and global compliance teams on privacy related issue management.
  • Awareness: Maintain awareness of global privacy laws and regulations, and proactively advise Medidata’s business teams on the impact of developments in the law.
  • Regulatory Affairs: Engage and support Medidata’s leadership in privacy-focused industry groups.

Posted Feb. 07, 2025

Lenovo  – Senior Counsel, Legal, Privacy

Responsibilities:

  • Conduct privacy impact assessments to products and services offered by the PC business division before launches.
  • Monitor, analyze, and report on privacy and data protection legal, regulatory and policy developments related to PC products and advise on requirements and standards that may affect the PC business division, customer relationships, and its supply chain globally.
  • Lead and/or support important projects to design and execute Lenovo’s privacy and data protection policies and data governance strategies to meet global legal requirements, industry standards, and customer requirements, especially in the areas of emerging technologies, products, and services.
  • Provide advice and counsel on privacy and data protection incident investigations and response and mitigation workstreams in partnership with Lenovo’s security teams and other stakeholders.
  • Provide advice and counsel for customer, supplier, and partner agreements.
  • Design and provide privacy and data protection education and awareness trainings to ensure privacy by design in development of PC products.
  • Collaborate with regional privacy counsels for local compliance of products that are launched globally.

Posted Feb. 05, 2025

Aramark  – VP and Assistant General Counsel, Privacy and Technology

Responsibilities:

  • Manage and collaborate with attorneys and other legal and compliance professionals working on privacy, data security and IT legal matters. Provide professional development and growth opportunities and promote employee engagement related to privacy protocols, data security best practices and IT contracting.
  • Ensure implementation of an efficient contracting process and other systems to interface between the IT group, Aramark’s businesses, and the privacy, data security and IT legal team.
  • Draft and negotiate technology contracts, including cloud computing agreements, software licenses, data protection agreements, and other IT contracts and vendor agreements.
  • Provide legal support on cybersecurity and incident response investigations to Aramark’s Chief Information Officer, Chief Information Security Officer and Cyber Security Incident Response Team.
  • Provide legal support to business units and corporate functions on all aspects of global privacy and security requirements, including consumer privacy, PCI-DSS compliance and other industry standards, international and inter-affiliate transfers of personal data, CCPA and other state privacy law compliance, GDPR compliance, “big data” use, marketing, records retention and data protection, and mobile privacy.
  • Review and draft language for RFPs, contracts and other legal documents related to privacy and data security requirements; negotiate arrangements related to the use and collection of personal information.
  • Review corporate initiatives involving international and inter-affiliate transfers of personal data to ensure compliance with applicable law.
  • Assess and monitor organizational risk; create policies, procedures and training to promote awareness of privacy, security and records management requirements.
  • Collaborate with stakeholders to deliver a comprehensive approach for Information Governance.

Posted Feb. 05, 2025

Dentsply Sirona  – Director, Americas Privacy & Global Cybersecurity Counsel

Responsibilities:

  • Helps set privacy vision and strategy for the global privacy compliance program overall to align with business objectives and regulatory requirements.
  • Establishes and communicates priorities for Dentsply Sirona’s Americas privacy compliance program on a quarterly and annual basis, as well as monitors and reports on progress toward those goals.
  • Creates and maintains rationalized framework for privacy and cybersecurity compliance including tracking and analysing new privacy and cybersecurity regulations applicable to Dentsply Sirona’s Americas operations.
  • Maintains and updates policies and procedures in response to new regulations, annually or more frequently as required, in partnership with the DPO.
  • Working closely with Information Security, Procurement and Legal, develops and implements policies and procedures to effectively manage third party risk, including creating and maintaining contract template language, negotiation playbooks, serving as a point of escalation for privacy and cybersecurity questions, and advising on privacy and cybersecurity requirements for third-party audits and assessments.
  • Sets training and awareness strategy and cadence for the Americas region based on regulatory requirements and compliance priorities, including leading the privacy strategy and content development for internal web pages and resources, creating and managing a privacy coordinator network for the Americas region, and hosting and presenting materials for regular engagement with the Americas privacy coordinator network.
  • Designs and delivers privacy compliance training to the Americas region as well as globally as appropriate.
  • Manages incident response process and events in the Americas region, including ensuring that procedures exist within the Americas region to promptly report data incidents to the privacy team, reviewing the Dentsply Sirona cybersecurity response plan and procedures to ensure that regional regulatory requirements are addressed appropriately, annually reviewing and refreshing incident response procedures and related documentation, maintaining breach notification requirements, and engaging in other incident response readiness activities.

Posted Feb. 01, 2025

*  *  *

Looking for an older job listing? In an effort to keep this page as up-to-date as possible, we have moved Job Listings older than the date above to our Condensed Job Listings page. We hope this comprehensive list will allow you to see the many different career opportunities that exist in Privacy and Data Security Law.