PRIVACY LAW JOB LISTINGS

This page gathers privacy job listings. Check links for further details, including salary, qualifications, location, and responsibilities. We advise you to apply even if you don’t quite meet requirements for years of experience, as employers often don’t adhere strictly to such requirements. Please write to us if you know of privacy law job listings we should include.

NOTE: As we often don’t know when positions are filled, not all positions listed on this page are still open. Posted dates are approximations.

* * *

Unum – AVP, Legal Counsel – Data Privacy & Cybersecurity

Responsibilities:

Enforces and defends Company’s interests in litigation and disputed matters related to data privacy and cybersecurity; selects, assists and supervises outside counsel.
Handles legal aspects of insurance regulatory matters pertaining to data privacy and cybersecurity, including breach response.
Provides legal support to designated business units, manages workflow from and relationships with all levels of management of each unit.
Prepares legally binding documents; drafts, negotiates and develops complex contracts and forms; may be responsible for state filings, approvals of contracts, rates and marketing materials, and systems implementation.
Monitors and keeps legal management team apprised of and solicits their input as appropriate on significant legal issues.
Analyzes and formulates company’s position on legislation/regulations.
Serves as a legal advisor to business units responsible for litigation, product development, claims, underwriting, sales, distribution, corporate, and marketing initiatives (etc.) for all product lines offered by all domestic (U.S.) companies.
Incorporates insurance, privacy, cybersecurity and artificial intelligence relevant laws and regulations to business plans and objectives.

Posted May 9, 2025

LinkedIn – Counsel – Privacy

Responsibilities:

Documentation and data governance: Work across the team to complete Data Protection Impact Assessments and Legitimate Interest Analysis and work closely with engineering teams to develop policies that can be coded into LinkedIn’s internal data management system to assist with compliance.
AI/GAI: Advise product counsel on privacy requirements regarding the use and development of cutting-edge Generative AI models and features.
Regulatory: (i) Support engagement with data protection regulators in the Americas and Asia; (ii) help drive resolution of escalated member requests for data access and deletion when a regulator is involved; and (iii) review privacy incidents to determine if breach notification may be warranted.
Transparency: Work with product counsel to develop clear and transparent disclosures for members to explain our data processing practices and their rights.
Privacy product consultation: Support privacy by design by analyzing and addressing the privacy impact of new products and features and advising product counsel on the same.

Posted May 7, 2025

Regeneron – Sr. Director, Assistant General Counsel, Privacy

Responsibilities:

Providing advice and counseling on a wide range of privacy and related issues including in the areas of patient support programs, market research, marketing campaigns, digital advertising, data analytics, and AI.
Strategically assessing potential privacy risks on new projects, including counseling on appropriate controls.
Supporting the operationalization of compliance with privacy laws globally.
Privacy governance including support of our governance bodies, and upkeep and development of policies, procedures, and guidance documents.
Leading and managing Privacy Office resources including external counsel, consultants, and certain internal resources.
Educating business clients through training and awareness programs.
Collaborating with our Government Affairs division on opportunities to influence legislation.

Posted May 7, 2025

National Basketball Association (NBA) – Senior Associate Counsel, Privacy

Responsibilities:

Support the development and implementation of the NBA’s privacy compliance program and provide legal advice related to the NBA’s data governance framework, including implementing appropriate data protection measures.
Work with senior leadership and other internal constituents across the organization regarding the management and/or use of data and helping to develop and implement privacy-related policies in compliance with applicable laws and regulations.
Negotiate and draft data processing, services, technology, and operator agreements with third-party providers.
Assist other members of the Legal Department to negotiate and draft data-related provisions of commercial and other agreements.
Support the NBA’s Marketing Department by drafting and negotiating agreements and advising on initiatives related to the promotion of the NBA and its affiliated leagues.
Perform special projects and other assignments as requested by the Legal Department’s senior leadership team.

Posted May 6, 2025

BioSpace – Director Privacy Counsel

Responsibilities:

Providing advice and counseling on a wide range of privacy and related issues such as advising on sensitive data, digital advertising, and use of emerging technologies/AI.
Strategically assess potential privacy risks on new projects, including risk-mitigation counseling and advising on appropriate controls.
Monitoring emerging regulations and supporting the operationalization of compliance with evolving laws.
Upkeep and development of internal policies, procedures, and guidance documents; educating business clients through training and awareness programs; Improving and counseling on privacy program operations.
Leading Regenerons Privacy Steward Council to drive initiatives that enhance data privacy across the organization.
Collaborating with our Government Affairs division on opportunities to influence legislation.
Assisting contracting teams in drafting, maintaining, and negotiating data processing agreements.
Participating in industry group meetings to stay updated on best practices and emerging trends.

Posted May 3, 2025

Samsung Electronics America – Senior Legal Counsel, Privacy Management

Responsibilities:

Counsel and support Samsung businesses on all privacy matters, ensuring compliance with CCPA, COPPA and other relevant state and federal privacy laws and regulations
Track and advise on legal, regulatory, and policy developments relating to data collection and use, online privacy, healthcare, tracking and analytics, advanced advertising, and related issues
Develop and implement comprehensive privacy policies and procedures
Conduct privacy impact assessments and other analyses of personal data usage
Collaborate with various departments to integrate privacy considerations into business processes and projects
Stay abreast of regulatory developments and enforcement actions related to privacy and data protection
Manage data breach response and notification processes
Provide training and raise awareness on privacy and data protection issues among employees
Represent the company in privacy-related matters and liaise with regulatory authorities
Drafting and negotiating vendor and customer contracts and counseling the business concerning privacy and information security issues

Posted May 3, 2025

Lensa – Associate General Counsel, Privacy – Remote

Responsibilities:

Assist the Privacy Senior Associate General Counsel supporting UnitedHealthcare and other privacy professional colleagues on a wide variety of privacy legal risk projects
Provide strategic privacy legal guidance and risk mitigation strategies to business leaders and cross-functional teams
Work closely and collaborate with business, legal, compliance and regulatory affairs colleagues across UnitedHealthcare to ensure regulatory and contractual obligations are met
Counsel and guide internal stakeholders on the development and implementation of policies, procedures, structures and processes to meet regulatory and contractual requirements
Assist in responding to inquiries from state and federal regulators, customers, policy makers, and other external stakeholders
Ensure new or amended privacy and security laws are reviewed for applicability and timely implemented
Develop and lead training and education on privacy and data security related topics
Establish and maintain key relationships with a variety of legal, compliance and regulatory affairs experts across all areas of UnitedHealthcare

Posted May 3, 2025

Morgan Stanley – Cyber & Privacy Counsel

Responsibilities:

Provide legal support and advice on cybersecurity, privacy, fraud and operational resilience matters impacting Morgan Stanley’s Wealth Management (WM), Institutional Securities Group (ISG), and Investment Management (IM) divisions, as well as enterprise-level business functions such as Human Resources, Operational Risk, Central Privacy Compliance (CPC), Firmwide Marketing, Firmwide AI, and Cyber, Data, Risk & Resilience.
Serve as a collaborative subject matter expert to other lawyers within the Legal and Compliance Division and provide advice to functional areas and regional business units on privacy and cybersecurity laws and requirements.
Partner closely with lead cyber & privacy counsel for WM, ISG, and IM divisions, as well as international data protection counsel, to provide strategic direction to Morgan Stanley’s business units and enterprise functions as they navigate complicated privacy and cybersecurity issues.
Advise on requirements and restrictions on the collection, use, storage and sharing of sensitive client, consumer and employee information, including with respect to Morgan Stanley’s use of artificial intelligence and machine learning technologies.
Assist in the maintenance and improvement the Firm’s cybersecurity and privacy law program, coordinating privacy, fraud, and cybersecurity legal requirements.
Work cross-functionally with Morgan Stanley’s CPC team and business unit-specific Risk Management teams to support maintenance notices, policies and procedures for privacy and information security, consistent with applicable international, federal and state laws, rules and guidance.
Partner with Morgan Stanley’s CPC Privacy Operations team to advise on Privacy Impact Assessments and data subject access rights requests.
Participate in projects addressing Morgan Stanley’s continued utilization of and leadership in artificial intelligence and machine learning.
Maintain current knowledge of applicable state, federal and international cybersecurity, privacy, fraud and system resilience laws and regulations, and work with internal stakeholders, law enforcement, and regulators to respond to and remediate incidents.
Maintain and disseminate monthly, enterprise-level communications to business, legal, risk, and compliance partners on emerging national and international trends and issues in cybersecurity and privacy law.

Posted May 1, 2025

GE Appliances – Senior Counsel – Data Privacy and Cybersecurity

Responsibilities:

Develop and implement a global privacy strategy that aligns with Company’s objectives, relevant laws and regulations, and industry best practices.
Lead the Company’s Privacy Committee and Executive Privacy Council.
Provide legal advice on privacy-related matters, including compliance with global privacy laws and regulations (e.g., GDPR, CCPA, HIPAA).
Draft and review privacy policies, procedures, internal and external facing privacy notices to ensure compliance with privacy and cybersecurity laws.
Serve as a point of contact for privacy and security-related customer and regulatory inquiries and investigations.
Develop data governance and classification standards with Company’s information technology team.
Collaborate with internal teams, such as legal, information technology, engineering, and business units, to resolve complex privacy and risk management issues and to assess cybersecurity measures and response protocols.
Stay informed of changes and developments in privacy laws, regulations, standards, and guidance, and communicate these changes effectively to relevant stakeholders.
Educate and train employees in data privacy and cybersecurity to foster a culture of security and privacy.
Facilitate Privacy Impact Assessments (PIAs) for new products, programs, agreements, and initiatives, and update risk assessments to identify and mitigate data protection risks.

Posted May 2, 2025

Walmart – Lead Counsel – Data Privacy, HIPAA, and State Health Privacy Laws

Responsibilities:

Provide expert advice on matters related to data privacy, HIPAA, and state health privacy laws.
Work with compliance to develop and implement policies and procedures to ensure compliance with applicable regulations.
Monitor changes in laws and regulations and update company policies accordingly.
Identify and assess risks related to data privacy and health information security.
Develop strategies to mitigate identified risks and ensure compliance with legal requirements.
Collaborate on the response to data breaches and other incidents involving health information.
Coordinate with relevant departments to investigate and resolve incidents promptly.
Draft and review company policies related to data privacy and health information security.
Ensure that all policies are aligned with current laws and best practices.
Collaborate with internal and external stakeholders, including regulatory bodies, to ensure compliance and address any concerns.

Posted April 30, 2025

JPMorganChase – Cybersecurity and Global Security Attorney – Assistant Vice President, Senior Counsel

Responsibilities:

Draft and negotiate cybersecurity and information security terms in supplier and client contracts.
Analyze and advise on cybersecurity and physical security regulations across jurisdictions.
Participate in advocacy and policy efforts.
Advise on cybersecurity incident response, crisis management, and regulatory engagement.
Provide day-to-day advice to the cybersecurity and technology controls organization and global security teams..
Identify issues, analyze problems, and provide practical solutions within risk tolerances.
Advise on global security issues, including physical and technical security, insider risk, global intelligence and strategic threats. .

Posted April 27, 2025

News Corp – Counsel, Privacy

Responsibilities:

Track and advise on international and domestic legal, regulatory and policy developments relating to data collection and use, online advertising, tracking and analytics and related issues.
Help implement and improve upon News Corp’s global data privacy requirements and related procedures, including notice and consent requirements, data transfer requirements, vendor due diligence, etc.
Complete and review privacy impact assessments, vendor questionnaires, records of processing activities, individual data rights requests, and similar data privacy compliance documentation.
Assist with drafting and negotiating privacy/data protection/security terms for third party agreements.
Counsel business and technology teams on privacy issues in connection with human resource management and business/consumer activities (e.g., online/digital advertising, marketing, digital and mobile initiatives).
Together with the Global Cybersecurity Team, assist with potential data breach incidents, any required breach notifications, and any required remediation.

Posted April 25, 2025

Edward Jones – Assoc General Counsel III-Privacy/Cybersecurity/RIM

Responsibilities:

Providing day-to-day thought leadership, legal guidance, and business support for key firm initiatives and strategic imperatives, in particular to support the firm’s cybersecurity, information governance, and digital and data functions.
Identifying and evaluating cybersecurity, information governance, emerging technology, and privacy risks, generally, and design and implement best-in-class, risk-aware strategies and processes to eliminate, mitigate, and control such risks.
Assisting in the development and management of enterprise-wide procedures to remove or mitigate constraints related to the development of new products and services and to ensure such products and services are developed consistent with firm privacy policies and legal obligations imposed by federal and state laws and regulations.
Co-creating relevant data and information security strategies to support the firm’s business ambitions and influence and lead horizontally (i.e., without direct authority) those strategic initiatives both within and outside the legal division.
Working closely with the Chief Information Security Officer (CISO) and security teams on data breach preparedness and response.
Fostering a culture of accountability and transparency, ensuring that privacy remains a core pillar of the firm’s innovation and growth strategy.

Posted April 25, 2025

Cencora – Senior Counsel – Data Governance, Privacy, and Cybersecurity

Responsibilities:

Advise clients on complex legal, regulatory, and policy questions in the areas of data privacy and protection (including federal and state laws and regulations in the general privacy and healthcare arena, particularly focusing on HIPAA, state privacy laws, Canadian provincial laws, etc.), cybersecurity (e.g., CMMC, NIST cybersecurity frameworks, ISO 27001, HITRUST, etc.), and artificial intelligence (including the NIST RMF, the growing body of state and local AI laws, etc.).
Draft, review, and/or negotiate various contracts, including healthcare- and HIPAA-related agreements and contract provisions dealing with privacy, cybersecurity, AI, and other data protection and operational continuity issues. This work also envisions creating template agreements and associated playbooks to expedite contracting issue management in privacy, cyber, and AI law arenas.
Assess and help mitigate harms associated with privacy and cybersecurity incidents through clear communication, disciplined issue escalation, and partnership with other privacy, cybersecurity, and business stakeholders.
Conduct reviews of new customer- and/or vendor- related technology proposals entailing privacy, cyber, and/or AI risks and offer pragmatic, creative solutions reflecting privacy and security by design concepts.
Demonstrate strong and calm decision-making capability and communication skills in the midst of time-sensitive incidents or high-risk business proposals requiring escalation to senior levels of leadership.
Manage competing projects and reviews with agility, effectively multi-tasking and prioritizing work to ensure that high value and/or high-risk business needs and projects are addressed in an efficient and strategically stream-lined way.

Posted April 25, 2025

Foundation Medicine – Director, Privacy Counsel

Responsibilities:

Serve as a privacy subject matter expert to FMI for all privacy-related matters, with only limited need for consultation with outside counsel.
Maintain current knowledge of applicable privacy laws in the US (state and federal) and ex-US (e.g., European Union and foreign national laws), including in the areas of health information privacy, consumer privacy, genetic testing, DNA analysis, and human subjects research.
Advise FMI on matters related to informed consent, HIPAA authorization, and research protocols.
Advise FMI on de-identification, pseudonymization, and anonymization standards and requirements.
Support investigation, analysis, remediation, and notification of privacy and security incidents.
Support legal colleagues in drafting, reviewing, and negotiating data use and data protection terms in commercial agreements, vendor agreements, data sharing agreements (e.g., BAAs, DPAs, DUAs), research agreements, clinical trial agreements, and other collaboration agreements.
Work in strong partnership and collaboration with other members of the privacy team, and the broader legal and compliance department, to continually advance and maintain an effective and dynamic privacy program, including assisting with the development of policies and procedures, privacy training, and awareness activities.
Participate in certain internal FMI committees as a standing team member.
Prepare materials and make presentations, as necessary or requested.
Independently triage workflow, set clear priorities and expectations with stakeholders, and efficiently deliver results.

Posted April 24, 2025

NCR Voyix – Senior Privacy Counsel

Responsibilities:

Providing practical and business-focused legal advice on privacy and data protection requirements globally (including US Federal and State laws, GDPR, CCPA, and LGPD).
Exercising risk-based judgment on privacy concerns related to product and services offerings, including conducting privacy impact assessments and providing guidance on privacy by design.
Drafting and negotiating agreements containing privacy and security clauses with customers, suppliers, and partners.
Developing and delivering training on subjects related to data privacy and data protection.
Leading privacy due diligence in evaluating potential acquisitions and support the integration of acquired businesses into privacy program.
Collaborating with others to prepare, update and enforce policies and procedures related to data privacy and data protection.
Supporting the NCR Voyix incident response process for events involving regulated personal data.
Providing proactive guidance and support on various new compliance requirements.

Posted April 22, 2025

Fox Corporation – Senior Counsel, Privacy and Data Security/Direct To Consumer Experience

Responsibilities:

Advise and counsel, manage initiatives, and generate required related work products in furtherance of compliance with privacy and data security laws and self-governing frameworks and standards
Provide compliance, contractual, and strategic guidance to internal clients, including identifying practical business solutions that balance the need to achieve business objectives while mitigating privacy and data security-related risks
Draft, review, and negotiate privacy and data security contract language in various commercial, technology, and other agreements
Draft privacy policies and other notices
Conduct internal privacy education and training
Respond to privacy rights requests
Provide support in connection with policy, government relations, legislation, and litigation related to privacy and data security
Partner with FOX colleagues and business leaders to implement principles, such as privacy by design into products and services
Communicate effectively, both orally and in writing, to confidently collaborate with client stakeholders and business legal partners
Manage a high-volume workload efficiently and smoothly by effectively prioritizing and escalating matters, as needed
Remain up to date on relevant privacy and data security laws and regulations, as well as on technological developments, threat vectors, and evolving industry standards to ensure an ongoing ability to provide sound privacy compliance advice
Support co-CPOs and Information Security Teams on incident response

Posted April 21, 2025

Otter Products – Corporate Counsel – Privacy & Technology

Responsibilities:

Conduct legal research and analysis on existing and developing privacy laws and monitor, track, and review new laws and regulations, including emerging requirements relating to artificial intelligence (“AI”); and identify and summarize relevant issues
Maintain subject matter expertise in multiple areas of privacy and evaluate impact of relevant requirements (U.S. state and federal privacy laws and regulations, UK-GDPR, PIPEDA, and other global privacy laws), regulatory guidance, and enforcement actions
Contribute to the ongoing development of Otter’s Data Protection and Privacy Programs, including assisting with updating and creating legal documents, privacy policies and notices, and contract templates (e g, Data Protection)
Addendum, privacy policies, Generative AI Policy, Document Retention Policy) to ensure compliance with existing and emerging legal requirements
Provide advice and counsel to stakeholders and business partners on privacy matters, including advice on implementation of new requirements and responses to data subject requests
Collaborate with IT and assist with conducting Data Protection Assessments (DPAs) and Privacy Impact Assessments (PIAs)
Draft, review, and negotiate IT contracts, including software licensing agreements, SaaS agreements, NDAs, and agreements involving Artificial Intelligence
Ensure contracts align with company policies, mitigate risk, and are compliant with relevant legal and regulatory requirements in IT transactions and data privacy
Provide advice and counsel to digital commerce stakeholders and digital marketing functions on various aspects of compliance with relevant laws and regulations affecting digital commerce/digital marketing, maintain subject matter expertise, and evaluate impact of relevant requirements, including customer service chatbots, CAN-SPAM & TCPA compliance, and FTC guidelines
Assist in the development, implementation, training and enforcement of company policies and procedures

Posted April 19, 2025

Grammarly – Privacy Counsel

Responsibilities:

Support Grammarly’s ability to deliver on its company objectives through a best-in-class privacy program.
Collaborate with leadership to integrate privacy by design and as a value-add in business roadmaps, systems, and initiatives.
Communicate privacy requirements and offer guidance to other teams, including Engineering, Trust, Data, Communications, Product, and other teams within the Legal department.
Simplify and distill complex global privacy requirements into practical next steps.
Serve as a key escalation point for Legal in response to privacy incidents.
Drive updates to Grammarly’s internal and external privacy documentation.
Assist with customer and vendor contract escalations, business partnerships, and corporate matters through a privacy lens.
Support scaling of the function by supporting implementation of process improvement, automation, legal technology, and new working methods.
Engage with regulatory, governmental, industry, and peer groups on privacy legal issues as needed.

Posted April 18, 2025

Verrus – Data Privacy Attorney

Responsibilities:

Advising on compliance with existing and emerging privacy law frameworks in the US
Represent clients in privacy and data security litigation matters.
Developing compliance plans and negotiating information privacy-compliant agreements.
Handling regulatory investigations related to privacy and data security issues.
Drafting and reviewing privacy-related agreements, such as data protection agreements and terms of service.
Staying current with global privacy regulations and emerging trends in cybersecurity.
Representing clients in negotiations and regulatory proceedings related to privacy and cybersecurity.
Represent clients in privacy and data security-related disputes, including class actions and regulatory investigations.
Manage cases involving data breaches, consumer protection issues, and unfair trade practices.

Posted April 17, 2025

Walker & Dunlop – VP & Associate General Counsel, Technology and Data Privacy

Responsibilities:

Serve as the subject matter expert for domestic and international privacy, data licensing and AI implementation matters.
Build out operational and compliance related requirements regarding internal and external data usage, including managing external privacy providers and software vendors and leading process enhancements.
Collaborate and coordinate closely with our in-house technology and cybersecurity team, including the Chief Information Security Officer, to address privacy and data governance risks.
Lead negotiations for complex technology related contracts and agreements, including SaaS, data and software licensing and confidentiality agreements.
Balance business and contract goals against legal, business, policy and reputational risks.
Present and defend positions and views to business team members as well as counterparties.

Posted April 17, 2025

Thomson Reuters – Sr. Counsel, Privacy

Responsibilities:

Monitoring and tracking current and emerging data protection regulations and translate legal terms into business requirements, guidance, and advice;
Assisting in the design, maintenance, and implementation of the Thomson Reuters Privacy Program, including drafting privacy policies and establishing related processes.
Collaborating with product and business teams to identify legal and privacy risks in product and system development and provide risk-mitigation counseling, including advising on privacy-by-design, reviewing PIAs, and conducting risk assessments.
Providing legal counsel to cybersecurity teams, including during investigations to ensure they are conducted and documented appropriately to minimize risks, protect individual privacy, and fulfill legal obligations arising from incidents.
Assisting contracting teams in drafting, maintaining, and negotiating data protection agreements.
Otherwise providing legal counsel to the company and assist the Thomson Reuters Privacy Office in discharging its duties.

Posted April 15, 2025

UPS – Privacy Attorney – UPS Healthcare

Responsibilities:

Advising on all aspects of the GDPR, including drafting and reviewing data protection contracts, data protection policies, procedures and notices.
Assisting and managing privacy compliance framework projects and liaising with the UPS Global Privacy Office and UPS Public Affairs.
Assisting in management of Privacy Impact Assessments.
Negotiating and advising on Business Associate Agreements (BAA) and other related privacy and data protection agreements with customers and vendors.
Advising on data privacy and cyber security risk issues.
Managing, with the Global Privacy Office, any data incidents occurring in UPS Healthcare.
Participates in contractual meetings to advise Sales team and Solutions group on documentation needed to support the customer.
Prepares weekly status reports for stakeholders and leadership.

Posted April 12, 2025

Converys – Director of Privacy & Senior Legal Counsel

Responsibilities:

Lead the development and implementation of the Company’s Privacy Program, including privacy policies and procedures that align with applicable state and federal laws and regulations and industry best practices.
Oversee development and provision of privacy training to Company employees and Company Boards of Directors.
Collaborate with cross-functional teams on the development, implementation and administration of privacy initiatives.
Monitor developments in privacy laws, regulations, standards and industry best practices and communicate with internal stakeholders on the impacts of those developments.
In coordination with Compliance and other appropriate staff, lead the investigation of privacy breaches and other privacy-related violations at the Company.
Oversee Company responses to notifications of third-party privacy breaches that affect the Company and its customer and/or employee information.
Oversee Company responses to individual rights requests.
Support general corporate needs and provide legal advice on a variety of corporate matters, especially those that concern privacy issues. Examples include contracts, internal and external policy documents, employment matters, and corporate transactions.
Manage and coordinate corporate responses to subpoenas, regulatory investigations, litigation, and other adversarial proceedings.
Coordinate with and effectively manage relationships with outside counsel when appropriate.
Perform comprehensive research and analysis of case law and statutory and regulatory information in order to maintain knowledge of industry trends and best practices and provide advice regarding implications impacting the business, particularly concerning privacy, general corporate, and insurance -related issues.

Posted April 12, 2025

Foursquare – Senior Privacy Counsel

Responsibilities:

Lead Foursquare’s global privacy program by effectively staying up-to-date on and communicating global privacy laws and regulations and general compliance guidance to stakeholders and working cross-functionally to implement and operationalize the appropriate controls throughout the organization to ensure compliance.
Provide legal guidance on product development initiatives relating to new and existing products and features throughout the product development lifecycle.
Oversee third party risk management program.
Help to develop and conduct general awareness and role-specific privacy training to cross-functional stakeholders.
Review and negotiate data processing agreements and other privacy and security related agreements.
Partner with the go-to-market team to respond to customer questions and RFIs.
Oversee Foursquare’s global compliance program, including Foursquare’s Code of Conduct.
Be the point of contact for responding to government requests or inquiries.
Manage or oversee other privacy professionals.

Posted April 11, 2025

American Express – Director & Counsel, Privacy & Data Law

Responsibilities:

Advise B2C and B2B businesses with day-to-day data protection and privacy queries across the U.S. region, including across nascent and developing areas.
Provide guidance for new product launches, strategic initiatives, and practical risk mitigation strategies.
Support digital advertising initiatives by advising on data use/disclosure issues and leading strategic negotiations with media companies.
Draft and negotiate commercial agreements relating to data protection and privacy, including co-brand and business partner agreements and data processing agreements.
Oversee the development and maintenance of data privacy related policies and guidance, including reviewing and drafting privacy notices and disclosures.
Draft and uplift data protection and privacy templates and guidance documents/playbooks.
Provide legal support for regulatory change management projects.
Support data privacy training and awareness across the organization.

Posted April 10, 2025

Publicis Re:Sources – Data Privacy Counsel, North America

Responsibilities:

Legal Compliance: Monitor privacy legislation and matters and ensure compliance with relevant privacy laws and regulations.
Policy Development: Develop, implement, and maintain privacy policies, procedures, and best practices.
Risk Management: Identify, assess, and mitigate privacy risks associated with marketing campaigns, data processing activities, and new technologies.
Training and Awareness: Conduct training sessions for employees to promote privacy awareness and ensure adherence to privacy policies and practices.
Contract Review: Draft, review, and negotiate data protection agreements, privacy terms in client contracts, and vendor agreements to ensure adequate data protection measures are in place.
Notice Drafting: Draft consumer disclosures such as notices and consent disclaimers.
Privacy Assessments: Conduct regular privacy assessments to evaluate the agency’s data protection practices and identify areas for improvement.
Incident Response: Participate in the response to any data breaches or privacy incidents, including investigation, remediation, and reporting as required by law.
Stakeholder Collaboration: Work closely with cross-functional teams, including privacy operations, engineering, product, client services, security, HR, and marketing, to integrate privacy considerations into business operations and client projects.
Advisory Role: Provide expert advice to senior management and project teams on privacy-related issues and strategic initiatives.
Global Projects: Collaborate with global privacy counsel on the Groupe’s global privacy program.

Posted April 10, 2025

DoubleVerify– Privacy Counsel

Responsibilities:

Own the drafting, maintenance and management of internal policies, processes and procedures, as well as external privacy documentation such as DV’s privacy notices
Be the primary resource responsible for the review and negotiation of client and vendor DPAs, including supporting the review of security requirements in collaboration with the DV Security team
Work cross-functionally to provide guidance focused on balancing best-in-class privacy compliance with a proactive, business-friendly and technically sound approach, and implement Privacy by Design and Privacy by Default across our Solutions and operations
Lead PIAs/DPIAs/TIAs and other assessments as necessary to provide guidance and to ensure offerings are crafted, built, and maintained in a way that aligns with applicable privacy obligations around the world
Support DV’s Chief Privacy Officer with global privacy projects and initiatives as required from time to time, including assessing and analyzing operational, regulatory and legal implications of ongoing and future M&A transactions
Contribute to strategic analysis of legal implications of using personal data, primarily around new products and technology enhancements
Find creative solutions to minimize privacy risks while enabling business goals
Collaborate with teams across DV to help drive a global data protection program and governance structure consistent with relevant laws and regulations
Draft, implement, maintain and support communication of templates (e.g., DV DPAs)
Support RFI/RFP processes as needed
Enable deployment of various privacy management technologies as required from time to time, including working with broader legal team to ensure contract management tools appropriately track privacy requirements
Stay current with applicable and emerging global data privacy and security laws, including CCPA, GDPR, and other U.S. and international privacy laws

Posted April 11, 2025

Keurig Dr Pepper Inc. – Senior Counsel, Privacy

Responsibilities:

Lead KDP’s global privacy program, ensuring alignment with the NIST framework and industry best practices, including maintaining policies, procedures, and controls, to safeguard personal information and maintain compliance with privacy laws.
Monitor and stay current with emerging privacy laws and regulations, assessing their impact on the business and privacy program to implement necessary changes to remain compliant.
Conduct privacy risk assessments, ROPAs, and TIAs; working with the business to identify risk mitigation activities needed to comply with privacy laws.
Collaborate with marketing and media teams to develop strategies that maximize the use of data while maintaining compliance with digital tracking, advertising and other privacy regulations and best practices.
Partner with Cybersecurity team to manage BigID, KDP’s privacy technology tool.
Manage Privacy Program Manager.
Partner with legal colleagues and the business to provide legal counsel and negotiate data protection provisions in various contracts.
Effectively communicate to a broad range of stakeholders, internal and external, to champion KDP’s continued privacy culture and demonstrate compliance with policies and procedures through metrics and key performance indicators.
Lead the development and delivery of comprehensive privacy training and awareness programs for employees at all levels.
Collaborate with cross-functional teams to implement Privacy by Design into product development, marketing, and business strategies.
Partner with Incident Response team to manage investigations of potential incidents and privacy compliance violations; implement corrective actions.
Collaborate with the CISO to align privacy and cybersecurity efforts, including communication, outreach and compliance requirements, to ensure a holistic approach to privacy and security.
Support cross functional efforts for responsible AI governance and compliance with emerging AI regulations globally.

Posted April 09, 2025

Unum – AVP, Legal Counsel – Data Privacy & Cybersecurity

Responsibilities:

Enforces and defends Company’s interests in litigation and disputed matters related to data privacy and cybersecurity; selects, assists and supervises outside counsel.
Handles legal aspects of insurance regulatory matters pertaining to data privacy and cybersecurity, including breach response.
Provides legal support to designated business units, manages workflow from and relationships with all levels of management of each unit.
Prepares legally binding documents; drafts, negotiates and develops complex contracts and forms; may be responsible for state filings, approvals of contracts, rates and marketing materials, and systems implementation.
Monitors and keeps legal management team apprised of and solicits their input as appropriate on significant legal issues.
Analyzes and formulates company’s position on legislation/regulations.
Serves as a legal advisor to business units responsible for litigation, product development, claims, underwriting, sales, distribution, corporate, and marketing initiatives (etc.) for all product lines offered by all domestic (U.S.) companies.
Incorporates insurance, privacy, cybersecurity and artificial intelligence relevant laws and regulations to business plans and objectives.
Identifies law-related training needs of Company personnel; develops and delivers training through various mechanisms including written materials, classroom and staff presentations.
Ensures that all business clients give appropriate attention to the Code of Conduct.

Posted April 06, 2025

A + E Global Media – Director, Privacy Counsel

Responsibilities:

Handle operational and transactional privacy program aspects in relation to A+E Global Media’s consumer websites and applications.
Ensure overall compliance with privacy and data protection laws, as well as industry best practices, to build consumer trust by embedding privacy-first design into products and services.
Support and monitor the operational aspects of A+E Global Media’s privacy program across consumer web sites and mobile/CTV apps to ensure that processes and practices meet applicable legal requirements, including privacy policies, data subject rights (DSR) requests, consent management platform (CMP) and privacy signals, vendor due diligence, and data maps.
Work closely with members of the privacy legal team, as well as other members of the broader legal team, and business partners throughout the organization, to manage and evolve a first-party data strategy and to meet ad sales, marketing, and other business goals.
Draft and negotiate Data Processing Agreements (DPAs) and privacy and data protection terms in contracts, especially with regard to ad sales and marketing agreements.
Identify and communicate potential privacy risks across the organization and stay informed of, and communicate, pertinent changes to, or developments in, privacy laws, regulations, standards, and guidance.

Posted April 04, 2025

VeraSafe – Privacy Counsel

Responsibilities:

Assessing client information systems for compliance with data protection laws and regulations
Drafting data protection agreements, addenda, and amendments
Advising clients on privacy-related product improvements
Researching legal issues and composing legal opinions/memoranda
Writing privacy law related articles and blog posts
Assisting in the development of in-house legal templates
Contributing to the development of internal procedures and methodologies
Collaborating with a team of intellectual peers who value cooperation and community.

Posted April 03, 2025

Foundation Medicine – Director, Privacy Counsel

Responsibilities:

Serve as a privacy subject matter expert to FMI for all privacy-related matters, with only limited need for consultation with outside counsel.
Maintain current knowledge of applicable privacy laws in the US (state and federal) and ex-US (e.g., European Union and foreign national laws), including in the areas of health information privacy, consumer privacy, genetic testing, DNA analysis, and human subjects research.
Advise FMI on matters related to informed consent, HIPAA authorization, and research protocols.
Advise FMI on de-identification, pseudonymization, and anonymization standards and requirements.
Support investigation, analysis, remediation, and notification of privacy and security incidents.
Support legal colleagues in drafting, reviewing, and negotiating data use and data protection terms in commercial agreements, vendor agreements, data sharing agreements (e.g., BAAs, DPAs, DUAs), research agreements, clinical trial agreements, and other collaboration agreements.
Work in strong partnership and collaboration with other members of the privacy team, and the broader legal and compliance department, to continually advance and maintain an effective and dynamic privacy program, including assisting with the development of policies and procedures, privacy training, and awareness activities.
Participate in certain internal FMI committees as a standing team member.
Prepare materials and make presentations, as necessary or requested.
Independently triage workflow, set clear priorities and expectations with stakeholders, and efficiently deliver results.

Posted April 03, 2025

NCR Voyix – Senior Privacy Counsel

Responsibilities:

Providing practical and business-focused legal advice on privacy and data protection requirements globally (including US Federal and State laws, GDPR, CCPA, and LGPD).
Exercising risk-based judgment on privacy concerns related to product and services offerings, including conducting privacy impact assessments and providing guidance on privacy by design.
Drafting and negotiating agreements containing privacy and security clauses with customers, suppliers, and partners.
Developing and delivering training on subjects related to data privacy and data protection.
Leading privacy due diligence in evaluating potential acquisitions and support the integration of acquired businesses into privacy program.
Collaborating with others to prepare, update and enforce policies and procedures related to data privacy and data protection.
Supporting the NCR Voyix incident response process for events involving regulated personal data.
Providing proactive guidance and support on various new compliance requirements.

Posted April 01, 2025

SHEIN Technology Inc. – Senior Privacy Counsel

Responsibilities:

Advise marketing, operations, information technology, and human resources teams on compliance with data protection laws, regulations, and practices in the Americas, focusing particularly on US privacy laws (ex: CCPA, COPPA, etc.), PIPEDA, and LGPD.
Conduct internal privacy assessments and compliance examinations, including privacy impact assessments, transfer impact assessments, and third-party risk management reviews.
Design, implement and maintain external privacy notices and related disclosures, as well as enterprise-wide data protection policies, procedures, and standards.
Advise on discussions with supervisory, regulatory, and data protection authorities.
Maintain and update form data protection agreements, related questionnaires, and assessments.
Assist marketing, information technology, security, human resources, and procurement teams in drafting, reviewing, and negotiating data protection related agreements.
Provide legal and strategic advice and guidance in support of cross-border data flows and related projects across SHEIN.
Foster a culture of privacy compliance and privacy by design.
Monitor legal and regulatory developments in data protection to anticipate emerging trends, spot issues, and help SHEIN make informed strategic decisions.

Posted April 01, 2025

SpaceX – Counsel, Data Protection & Privacy

Responsibilities:

Advise on and manage compliance with data protection laws in markets where we operate around the world
Drive initiatives to meet data protection best practices and regulatory requirements, in partnership with other attorneys, and the customer success, IT, and security teams
Maintain subject matter expertise in multiple areas of privacy, evaluating the impact of relevant global requirements and regulatory guidance
Respond to inquiries from data protection regulators
Negotiate data privacy and security provisions with suppliers, partners, and enterprise customers
Assist with incident response and related regulatory engagement
Communicate, educate, and train employees on data protection and privacy issues

Posted March 31, 2025

Postman – Privacy Counsel

Responsibilities:

Provide expert guidance on privacy compliance for marketing campaigns and operations, including email campaigns, digital advertising, and data analytics.
Counsel marketing and sales teams on the collection, use, and sharing of customer data, ensuring compliance with GDPR, CCPA, and other global privacy laws.
Work with engineering and operations teams to develop and implement privacy processes and controls for marketing, sales, and product initiatives.

Posted March 30, 2025

Raytheon – Associate Director, Data Privacy & Cyber Counsel

Responsibilities:

Provide day-to-day legal support to the Raytheon organization on all aspect of Data Privacy and Cybersecurity law
Assist with the development, implementation, and maintenance of data privacy and cybersecurity policies, standard work, playbooks, guidance, templates, and develop and deliver general awareness and targeted training
Partner with various stakeholders across the company to provide real-time, compliant Data Privacy and Cybersecurity advice to support business needs
Collaborate closely with enterprise-wide colleagues including the RTX Chief Privacy Counsel and Chief Cybersecurity Counsel
Assist the Risk Monitor and Analytics team with metrics building, risk monitoring and control review
Conduct privacy impact assessments and regular compliance-related risk assessments and develop and implement action plans
Review and negotiate Data Privacy and Cybersecurity contracts terms for supplier and customer contracts
Provide legal advice and counsel on the data privacy and cybersecurity aspects of mergers, acquisitions, and divestitures (MA&D), including on MA&D agreements, representations and warranties, and diligence
Manage the Raytheon Data Protection Officer (DPO) network and data privacy compliance manager

Posted March 29, 2025

Wabtec Corporation – Senior Director, Privacy Counsel

Responsibilities:

Develop and implement a global data privacy strategy that aligns with the company’s objectives, relevant laws and regulations, and industry best practices, including by drafting data privacy policies and procedures and internal and external facing privacy notices.
Collaborate with cross-functional teams, including HR, IT, and legal, to assess privacy and security risks and regulatory requirements and ensure a unified approach to data privacy.
Draft, review, and negotiate privacy and cybersecurity terms in contracts, data processing agreements, and other privacy-related agreements.
Conduct data protection impact assessments (DPIA) and regularly review and update risk assessments to identify and mitigate data protection risks.
Monitor relevant privacy and data protection laws and enforcement activities to ensure ongoing compliance, track emerging risks, and assess applicability of new laws to Wabtec.
Serve as a point of contact for data privacy inquiries and data subject requests from employees and external parties, including global data protection authorities.
Conduct third-party vendor reviews to assess vendor compliance with data privacy regulations.
Educate and train employees on data privacy and cybersecurity, in order to foster a culture of security and privacy within Wabtec.
Advise business units in assessing and responding to data privacy risks.
Work with IT to develop and implement an information security program, including assessing cybersecurity measures and response protocols.
Support the Legal response to cybersecurity incidents, including investigation, mitigation, notification, and remediation.

Posted March 29, 2025

Vimeo – Senior Privacy Counsel

Responsibilities:

Develop, implement, and oversee Vimeo’s privacy program, ensuring compliance with global data protection laws including GDPR, CCPA, and other relevant regulations.
Provide expert legal guidance on privacy and data protection matters related to product development, marketing, and third-party partnerships.
Draft, update, and enforce internal and external privacy policies, data protection agreements, and other legal documentation to reflect evolving legal requirements and industry best practices. Collaborate with product, engineering, and security teams to ensure privacy-by-design principles are embedded into product development and business operations. Develop and lead privacy training programs to promote a strong culture of data protection.
Partner with security and compliance teams to manage data breaches and security incidents, ensuring regulatory compliance and risk mitigation.
Stay up-to-date with global privacy laws and regulations and offer proactive guidance to internal stakeholders on potential implications. Engage with regulators when necessary and advocate for Vimeo’s interests in privacy matters.
Supervise and provide guidance to the Privacy Program Manager, ensuring successful execution of privacy initiatives.

Posted March 28, 2025

BBB National Programs – Senior Counsel, Youth Privacy & Technology

Responsibilities:

Onboard and advise participants in CARU’s COPPA Safe Harbor program including, but not limited to, reviewing privacy policies, and analyzing and ensuring ongoing compliance with COPPA and other applicable laws and best practices
Provide guidance and support on child-related technology and security legal issues to stakeholders
Review and assess COPPA Safe Harbor participant certification responses against program requirements
Collaborate with team members to monitor and research non-compliant companies and/or online services, initiate compliance remediation, and prepare public dispositional documents and/or reports for CARU’s self-regulatory investigatory purposes
Maintain ongoing communication with COPPA safe harbor participants through written compliance alerts, tips and webinars

Posted March 28, 2025

VIZIO – Senior Privacy Counsel

Responsibilities:

Provide counseling to stakeholders on legal requirements and best practices for privacy issues relating to retail sales and e-commerce, including but not limited to mobile app privacy, customer loyalty programs, online marketing, TCPA, CAN-SPAM, cookie compliance, geolocation, health-related advertising, financial data privacy, and children’s privacy,
Develop, manage, and improve internal compliance policies and practices relating to data governance.
Monitor and update external privacy policies and disclosures to align with business practices and regulatory requirements.
Assist in conducting and managing internal assessments of the Company’s privacy controls.
Coordinate with business stakeholders, outside consultants, and counterparty representatives to manage external assessments of Company’s business partners.
Provide counseling on safeguards relating to sensitive personal information categories.
Collaborate with other attorneys to review data privacy terms in Company agreements, which may include content licensing agreements, advertising services agreements, data licensing agreements, or other professional services contracts.
Evaluate issues from legal and business perspectives with a practical, business-oriented approach to problem solving, as well as handle complex business and legal issues in a fast-paced, agile, and evolving technology-driven business environment.
Maintain and continuously improve working knowledge of applicable state, federal, and global privacy laws, regulations, and industry standards.

Posted March 26, 2025

Walker & Dunlop – Vice President & Associate General Counsel, Technology and Data Privacy

Responsibilities:

Serve as the subject matter expert for domestic and international privacy, data licensing and AI implementation matters.
Build out operational and compliance related requirements regarding internal and external data usage, including managing external privacy providers and software vendors and leading process enhancements.
Collaborate and coordinate closely with our in-house technology and cybersecurity team, including the Chief Information Security Officer, to address privacy and data governance risks.
Lead negotiations for complex technology related contracts and agreements, including SaaS, data and software licensing and confidentiality agreements.
Balance business and contract goals against legal, business, policy and reputational risks.
Present and defend positions and views to business team members as well as counterparties.

Posted March 26, 2025

Medidata Solutions – Senior Counsel, Privacy & AI

Responsibilities:

Commercial Support: Partner with Medidata’s commercial team on matters relating to data privacy during contract negotiations with Medidata’s customers and partners.
Product Counseling: Advise Medidata’s R&D and Product teams on privacy-by-design best practices, including providing actionable advice on data privacy, data use, and data security requirements.
Privacy & AI Governance Program Support: Provide counsel and support to Medidata’s Privacy & AI Governance Program, including policy reviews, policy updates, assessment management, and audit support.
Cross-Functional Support: Coordinate with cross-functional partners such as our information security and global compliance teams on privacy related issue management.
Awareness: Maintain awareness of global privacy laws and regulations, and proactively advise Medidata’s business teams on the impact of developments in the law.
Regulatory Affairs: Engage and support Medidata’s leadership in privacy-focused industry groups.

Posted March 22, 2025

World – Senior Counsel, Privacy

Responsibilities:

Drive development and execution of the company’s strategies to address new and evolving global privacy requirements.
Lead on drafting new and updated privacy policies across the full range of TFH’s products.
Respond to and manage privacy related regulatory investigations.
Oversee the privacy policy safeguard life cycle end-to-end.
Maintain subject matter expertise in new and evolving areas of global privacy law and regulatory pressures.
Develop resources and tools that enable counsel across the company to provide durable and consistent advice on privacy issues.
Drive high-profile and high-impact projects involving privacy analysis with cross-functional stakeholders across the project’s business, policy, legal, communications, security, and other departments.

Posted March 21, 2025

Datadog – Privacy Counsel

Responsibilities:

Provide legal advice on privacy, data protection, and AI governance to teams across Datadog, including legal, product, engineering, information security, employment, and marketing
Develop and mature Datadog’s privacy program by updating policies and notices, advising on data subject requests, conducting privacy and AI risk assessments, and embedding privacy-by-design principles into our product development and business processes
Draft and negotiate privacy, data, and AI-related contracts with customers and vendors, acting as an escalation point for our commercial legal team
Play a crucial role in responding to privacy and security incidents, including our regulatory response and customer communications, by partnering with our security incident response, customer trust, engineering, and trust and safety teams
Monitor and assess global privacy, data protection, cybersecurity, and AI laws, conducting gap analyses and implementing requirements to ensure Datadog’s compliance

Posted March 19, 2025

Cardinal Health – Privacy Counsel

Responsibilities:

Serve as a functional expert working closely with and advising business leaders, commercial counsel, and other colleagues on privacy issues, including data protection, data retention, data usage, data security and data breaches
Review and negotiation of data privacy agreements, data processing agreements, business associate agreements and other similar privacy-related provisions
Advise on incident response and data breach reporting processes in coordination with the VP of Privacy
Collaborate with IT Security teams to ensure alignment between IT security and privacy compliance programs
Provide guidance, direction, and practical translation of privacy requirements to cross-functional teams on complex projects
Assist with the management of legislative and regulatory inquiries, investigations or administrative actions related to privacy and data security
Review policies and procedures to ensure compliance with applicable data privacy laws and regulations
Advise on the design and provision of the privacy training program
Remain up to date on legislative developments in Privacy at the state, federal and international level that may affect Cardinal Health
Support acquisitions, divestitures, and joint ventures as they relate to privacy matters

Posted March 19, 2025

ServiceNow – Corporate Counsel, Privacy

Responsibilities:

Provide advice and guidance to various departments, including governance, risk and compliance, sales, product teams, procurement, and human resources, as part of the Global Privacy team.
Assist the commercial legal and procurement legal team by reviewing and negotiating privacy-related agreements, (e.g. DPAs, SCCs, International Data Transfer Agreements), in support of global sales and procurement transactions.
Advise on existing and emerging privacy laws in the US and across AMS generally.
Assist in privacy guidance to the business in relation to AI/ML and other emerging technologies.
Assist in the development of the company’s privacy practices in light of changes in the law in all Global territories, working in coordination with the Global Privacy team.
Assist in the creation and maintenance of privacy related notices, policies, standards, guidelines and processes, including carrying out privacy reviews and privacy impact assessments.
Assist in carrying out data transfer impact assessments and providing guidance in relation to international data transfer and data localization developments.
Assist in pursuing and maintaining privacy related Certifications and Standards.
Support privacy training for various groups within the company.
Advise on product related legal issues.

Posted March 18, 2025

Erie Insurance Group – Counsel II – Data Privacy and Technology

Responsibilities:

Assists with the organization and direction of the company’s legal activities.
Assists in directing the defense of the company against suits or claims, and assists in initiating legal actions to support the company’s claims against others.
Provides legal counsel and guidance to officers and other personnel on corporate and operational matters involving legal problems.
Prepares or reviews proposed contracts, leases and other formal agreements and legal instruments in order to safeguard the company’s interests. Reviews drafts of ERIE’s insurance policies, forms and endorsements.
Drafts and revises insurance contracts and related documents to ensure conformity with applicable statutes, regulations, administrative orders, circulars, bulletins and other applicable legal authority.
Researches and interprets statutes, regulations, case law, insurance department bulletins and other applicable legal authority. Provides legal advice and guidance to various departments of the company.
Provides legal research, advice and guidance on insurance claims.
Reviews proposed and existing legislation affecting the Erie Insurance Group and advises and consults with General Counsel, Deputy General Counsel and Senior Counsel on the position of the company with regard to such matters.
Counsels and advises corporate personnel on legal issues including, but not limited to, those related to real and personal property, taxes, advertising, trademarks, copyright and promotion programs, contracts, personnel matters, public relations, underwriting and claims interpretation.
Participates in trade associations and regulatory and legislative hearings and meetings as directed or requested.

Posted March 18, 2025

Axiom – Data Privacy & Cybersecurity Lawyer

Responsibilities:

Provide legal advice and counsel on privacy compliance requirements and opportunities for improvement of privacy policies
Work with and advise business and compliance clients directly, as well as providing guidance and practical solutions
Maintain strong, collaborative relationships with internal business partners and stakeholders.
Experience providing legal advice regarding privacy, privacy impact assessments, data-sharing, and related issues

Posted March 15, 2025

AbbVie – Senior Counsel, Legal Privacy & Data Security

Responsibilities:

Strategic and day-to-day legal support for business functions (both aesthetics and therapeutics).
Monitor and advise on compliance and implementation positions for emerging data privacy laws.
Support global privacy contracts and M&A legal teams regarding data privacy legal questions, contract reviews, and negotiations.
Draft, review, negotiate, and manage data privacy and protection terms for a variety of transactional agreements, including master services agreements, professional services and consulting agreements, statements of work, BAAs, business technology agreements, and supply agreements.
Support the AbbVie privacy compliance office regarding the operation of AbbVie’s global privacy program.
Monitor and advise on the implications of privacy laws on artificial intelligence and emerging technologies.
Legal support for information security risk management team, including data breach analysis and response, third party risk management, and insider risk.
Draft and review privacy notice, consent, and contract templates, both globally and regionally.
Manage and supervise external privacy counsel work.

Posted March 13, 2025

Thomson Reuters – Assistant General Counsel, Privacy & Cybersecurity

Responsibilities:

Lead a team of attorneys and privacy professionals;
Monitor and track current and emerging data protection regulations and translate legal terms into business requirements, guidance, and advice;
Assist in the design, maintenance, and implementation of the Thomson Reuters Privacy Program, including drafting privacy policies and establishing related processes;
Collaborate with product and business teams to identify legal and privacy risks in product and system development and provide risk-mitigation counseling, including advising on privacy-by-design, reviewing PIAs, and conducting risk assessments;
Provide legal counsel to cybersecurity teams, including during investigations to ensure they are conducted and documented appropriately to minimize risks, protect individual privacy, and fulfill legal obligations arising from incidents;
Assist contracting teams in drafting, maintaining, and negotiating data protection agreements;
Otherwise provide legal counsel to the company and assist the Thomson Reuters Privacy Office in discharging its duties.

Posted March 12, 2025

Potomac Law – Privacy and Data Security Lawyer

Responsibilities:

Advising on compliance across all aspects of global privacy law and regulation, including data protection, data retention, data security and data breach rules.
Updating privacy policies, negotiating and drafting master services agreements in accordance with global privacy requirements and providing support to the development of guidelines, training and tools to support privacy accountability and compliance.
Working with and advising business and compliance clients directly, as well as providing guidance and practical solutions.

Posted March 11, 2025

Liberty Mutual Insurance – Privacy Counsel

Responsibilities:

Conducting legal research and analysis on existing and developing privacy laws and monitor and review new laws and regulations, including emerging requirements relating to Artificial Intelligence; identify and summarize relevant issues.
Supporting cross-company global projects involving personal information.
Provide advice and counsel to stakeholders and business partners on privacy matters, including advice on implementation of new requirements.
Understand data privacy regulatory landscape and support business operations to ensure compliance with best practices and data protection laws, including minimizing any potential risk.
Conducting privacy impact assessments and monitoring risk mitigation measures.
Drafting and reviewing legal documents including third party vendor agreements to include privacy controls, data transfer agreements, and privacy notices and policies.
Supporting third party risk management processes related to privacy.
Drafting privacy notices and privacy policies.
Assist with responses to subject access requests.
Assisting with data classification and electronic record management efforts related to applications involving personal data.
Identifying privacy training needs of Company personnel; develops and delivers training through various mechanisms including written materials, classroom, and presentations.

Posted March 10, 2025

Cimpress Technology – Privacy Counsel, Technology

Responsibilities:

Providing pragmatic and actionable legal advice on U.S. privacy laws, including CCPA/CPRA, and their intersection with product development, digital advertising, and data processing activities.
Providing advice on privacy compliance for cookies, analytics, and tracking technologies, ensuring alignment with U.S. regulatory requirements.
Leading cross-functional privacy compliance projects, including building privacy operations processes such as DSAR, implementing privacy frameworks within Cimpress business units, and data mapping initiatives.
Supporting the design, implementation, and enhancement of privacy programs, including the operationalization of privacy principles and processes.
Working closely with global privacy team members to support the implementation and management of international privacy programs within the business units.
Conducting training and raising awareness on privacy compliance topics for teams across Cimpress and the business units.
Collaborating with product, developers, engineers, HR, and other teams to embed practical privacy solutions into operations and software development lifecycles.
Staying up to date on evolving U.S. privacy laws and enforcement trends, communicating potential impacts to stakeholders.
Participating and leading Incident response investigations and notifications to authorities

Posted March 07, 2025

Great Minds – Senior Counsel – Privacy

Responsibilities:

Provide legal guidance on compliance with education-focused privacy laws, including FERPA, COPPA, SOPIPA, state student privacy laws, and applicable regulations.
Partner with product and business teams to ensure privacy principles are embedded into curriculum development and digital platforms.
Draft, review, and negotiate privacy and data security terms in contracts with schools, districts, vendors, and technology partners.
Develop and implement policies and best practices for handling student and educator data in compliance with legal and ethical standards.
Monitor and interpret emerging privacy laws and regulatory trends, advising leadership on their impact on K-12 education.
Conduct internal privacy risk assessments and develop frameworks for data governance, security, and incident response.
Provide training and guidance to internal teams on privacy compliance, data protection, and best practices for handling student and educator data.

Posted March 06, 2025

Baker Hughes – Privacy Counsel

Responsibilities:

Managing and supporting incident response from a privacy perspective (including Data Loss Prevention – DLPs).
Managing data privacy aspects of Data Subject Access Requests (DSARs) and support data owners with responding to DSARs.
Supporting Data Transfer Impact Assessments for cross-border personal data transfers.
Conducting Privacy Impact Assessments as required.
Supporting Segments, Regions and relevant Functions with the effective implementation of the Data Privacy Program.
Managing and/or support enterprise-wide projects that have a data privacy aspect/impact.
Developing and delivering privacy compliance training.
Supporting data privacy audits (both internal and external audits).
Monitoring data privacy regulatory developments (horizon scanning) and contribute to the update of the team’s regulatory developments tracker.
Supporting the review and update of privacy policies and procedures.

Posted March 04, 2025

KAYAK – Senior Privacy and Security Counsel

Responsibilities:

Lead and enforce a global privacy program, aligning with senior partners and global cross-functional teams.
Partner with Commercial, Partnerships, Engineering, Product, and Security teams to provide guidance on privacy laws and global regulations (e.g., GDPR, CPRA, FTC).
Counsel on product, privacy, and regulatory matters, serving as an expert on global privacy, data, product design, and information security.
Identify and mitigate risks in product, regulatory, privacy, and AI spaces while building scalable innovation processes.
Draft and negotiate detailed privacy agreements, including those with AI components or integration partnerships.
Write public-facing product and privacy disclosures, disclaimers, and terms of use.
Maintain expertise in global privacy and consumer protection laws relevant to our brands

Posted March 04, 2025

Univision – Senior Director, Privacy Counsel

Responsibilities:

Manage a best-in-class privacy framework for a growing digital/streaming business, directly advising senior business leaders and engineering teams
Expand and refine effective, practical controls for data collection, management, use, and storage/retention in alignment with global laws
Conduct Privacy Impact Assessments to analyze risks in new or updated products, platforms, and infrastructure, simultaneously building a digital library of product and legal documentation
Draft and negotiate appropriate privacy terms in various agreements with appropriate data use rights, including Data Protection Agreements and complex ad tech agreements
Provide guidance on information incident management, participate on our Information Incident Response Team, and coordinate tabletop exercises
Monitor developments in privacy laws, regulations, and privacy-enhancing technologies and brief senior leadership on potential business impacts or opportunities

Posted March 03, 2025

Neurocrine Biosciences – Senior Privacy Counsel

Responsibilities:

Design, implement, and maintain a comprehensive privacy program aligned with U.S. and international regulations, including but not limited to GDPR, UK GDPR, HIPAA, Switzerland’s FADP, TCPA, CAN-SPAM, and various U.S. state privacy laws
Develop and enforce company-wide privacy policies, standards, and procedures
Develop and deliver privacy training programs to educate employees on data protection obligations and best practices
Monitor developments in privacy laws and regulations globally, providing actionable guidance to the business on maintaining compliance
Ensure appropriate processes are in place for compliance with data protection regulations, including data subject rights, data processing activities, and cross-border data transfers
Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs)
Identify and remediate privacy risks, working collaboratively with relevant stakeholders
Serve as a key advisor to cross-functional teams, including IT, HR, marketing, and R&D, on privacy-related matters
Collaborate with legal counsel and external stakeholders on privacy issues and incidents
Lead and/or collaborate with colleagues on the investigation and resolution of any privacy incidents, including regulatory notifications and root-cause analyses
Provide regular updates to the leader and senior management on privacy compliance status, risks, and initiatives
Other duties as assigned

Posted March 01, 2025

Asana – Lead Privacy Counsel

Responsibilities:

Provide clear and practical advice to various teams throughout Asana on privacy and data protection laws, privacy-by-design, and data governance.
Develop and implement strategies around compliance with new and developing privacy and cybersecurity laws.
Help the business achieve their goals by advising on global compliance needs for customers in regulated industries like financial services, healthcare, and government.
Support Asana’s efforts towards achieving FedRAMP.
Keep up to date with new and existing data protection regulations and regimes, including but not limited to GDPR, LGPD, state privacy laws, privacy related AI regulations, and data transfer mechanisms.
Conduct DPIAs, privacy assessments, legitimate interest assessments, and other assessments for internal data processing activities and third-party vendors.
Be an ambassador for Asana’s privacy, data governance, and regulatory compliance program by delivering training and building out documentation and other programming.
Support global incident response and mature documentation and procedures.
Contribute to Asana’s global growth by supporting global privacy, data protection, and data governance initiatives.

Posted March 01, 2025

Clarivate – Privacy Legal Counsel

Responsibilities:

Serve as privacy lead for the Academic and Government business segment of Clarivate
Serve as primary contact for privacy and data protection related inquiries from internal stakeholders and customers
Provide actionable advice and legal counsel on privacy and data protection requirements and privacy-by-design best practices to product teams
Draft and negotiate privacy related provisions in commercial agreements, including data processing agreements
Operate across a range of privacy laws and frameworks, including GDPR, COPPA, CCPA/CPRA and other U.S. state privacy laws, PIPEDA
Work collaboratively and cross-functionally with colleagues and stakeholders to drive privacy-forward solutions for long term strategic efficiency
Assist the business in improving processes and systems to meet or exceed privacy and data protection compliance requirements, with an eye toward scalable and sustainable practice
Provide employee training and raise awareness on privacy and data protection obligations
Stay abreast of global privacy and data protection laws, regulations, and enforcement actions

Posted March 01, 2025

Alliant – The Audience Company – Counsel, Privacy, Security & Data Governance

Responsibilities:

Monitor for current and emerging regulatory developments (CCPA/CPRA; other State privacy and data broker laws; FCRA, FTC marketing guidance and more) and translate legal terms into data governance and privacy business requirements, providing regular updates to leadership and stakeholders.
Establish and manage data governance rules to work cross team to operationalize to enable principles such as privacy by design; data minimization; data suppressions, consent, DPIAs etc. as required.
Oversee data lifecycle management and ensure compliance, including data ingestion, classification, retention, and disposal processes.
Define and implement processes, workflows, and training material to equip support teams with the tools needed to maintain compliance.
Assist the team to record data protection impact assessments where required, and to identify and implement privacy controls and safeguards to mitigate risks.
Draft privacy notices and review consumer-facing material, including marketing and communications campaigns, for compliance with applicable privacy and data governance and protection requirements.
Maintain and update records of processing activities and data maps for all personal data processing activities, ensuring adherence to data protection laws, regulations, and standards.
Provide counsel and oversight to ensure preparedness for managing potential data security incidents and other events in compliance with regulatory and disclosure requirements including leading incident investigations, conducting data breach analysis and response efforts, investigations and managing third-party and insider risk assessments.

Posted March 01, 2025

* * *

Looking for an older job listing? In an effort to keep this page as up-to-date as possible, we have moved Job Listings older than the date above to our Condensed Job Listings page. We hope this comprehensive list will allow you to see the many different career opportunities that exist in Privacy and Data Security Law.

Privacy Law Job Listings

PRIVACY LAW JOB LISTINGS