PRIVACY LAW JOB LISTINGS

This page gathers privacy job listings. Check links for further details, including salary, qualifications, location, and responsibilities. We advise you to apply even if you don’t quite meet requirements for years of experience, as employers often don’t adhere strictly to such requirements. Please write to us if you know of privacy law job listings we should include.

NOTE: As we often don’t know when positions are filled, not all positions listed on this page are still open. Posted dates are approximations.

* * *

Databricks – Legal Counsel, Privacy

Responsibilities:

Advisory Role. Advise cross-functional stakeholders on potential privacy risks and regulatory requirements, including Technology, Security, and People Teams.
Privacy Program Compliance. Provide guidance to support further development, implementation, and maintenance of the Databricks privacy program, including data subject rights requests, data inventory, privacy by design, policies, and help operate and improve the effectiveness of critical privacy compliance processes
Contract Negotiation and Transactions. Counsel and advise on data protection-related provisions in commercial contracts, including updating templates for and negotiating data processing addendums and business associate agreements.
Privacy by Design and Risk Assessments. Advise business units on privacy legal considerations for new systems, features and system updates
Policy Development. Develop, review, and update privacy policies, programs, and procedures to align with legal requirements and best practices
Regulatory Analysis. Research and evaluate the applicability and impact of global privacy laws, legislation, and regulatory guidance on new business initiatives and processes.
Training/Cross Functional Collaboration. Build cross-functional relationships with business teams as well as other internal stakeholders. Provide strategic and timely client training on relevant issues and processes to ensure ongoing privacy compliance.

Posted Aug 30, 2025

Prove – Senior Privacy Counsel

Responsibilities:

Assist the CPO in growing, implementing, and managing the organization’s global data privacy and governance strategy.
Developing, implementing, and tracking measurable privacy-related Key Performance Indicators (KPIs) or similar metrics to audit program maturity.
Developing, implementing, and updating comprehensive internal and external privacy policies, privacy notices, and templates.
Drafting and negotiating Data Processing Agreements (DPAs), Standard Contractual Clauses (SCCs) and related internal templates.
Providing legal counsel on privacy clauses in commercial agreements.
Partner with other Prove stakeholders (such as Information Security, Engineering and Product, and Legal) to further incorporate privacy by design and privacy by default principles into company processes.
Addressing data subject requests, including optimizing intake processes and drafting supporting documents for prospect/client inquiries.
Lead internal privacy training initiatives, including Prove’s Privacy Champions Program.

Posted Aug 29, 2025

ALDI USA – Data Privacy Corporate Counsel II

Responsibilities:

Provides legal counsel on privacy and AI-related matters across departments, including marketing, eCommerce and IT.
Advises on AI use cases, vendor contracts, and data processing agreements (DPAs), ensuring alignment with privacy regulations and ethical standards.
Collaborates with cybersecurity and compliance teams to ensure cohesive data protection and AI risk frameworks.
Monitors and interprets evolving privacy and AI legislation and communicates implications to stakeholders.

Posted Aug 29, 2025

Polaris, Inc. – Privacy, Cyber Security, and AI Attorney

Responsibilities:

Guide and educate the business on best practices and trends in regard to consumer protection laws, privacy laws, cyber security, e-commerce, AI laws/regulations, and e-discovery issues.
Support the planning, design, development, implementation, maintenance of, and adherence to a comprehensive global privacy plan and a global Artificial Intelligence policy
Draft and negotiate vendor agreements with respect to data privacy, data protection, and AI utilization
Advise and support cybersecurity and information security leaders at all levels of governance, oversight, policy development, implementation, compliance, and monitoring; cyber security defense, preparedness and response; security products, systems, networks and operations
Participate in a risk-based assessment to provide strategic advice regarding various generative AI tools and provide guidance for adoption; the attorney will play a significant role in shaping and maturing AI policies, providing strategic advice and risk assessments to clients regarding their use of AI, and participating in industry advocacy concerning AI laws and regulations.
Draft and implement policies and procedures for the company surrounding privacy and security law, as well as the appropriate use of generative AI tools
Partner with business to help drive innovative products that are privacy centric by design
Lead cross functional projects by supporting strategic business priorities and influence decision making
Ensure that corporate data collection, storage and protection programs are consistent and comply with legal requirements

Posted Aug 27, 2025

Terumo Medical Corporation – Senior Corporate Counsel and Chief Privacy Officer

Responsibilities:

Develop, implement, update and oversee Terumo’s privacy, data management, and security programs in line with global and US privacy laws and regulations.
Develop, draft, update, implement, maintain and enforce internal and external privacy policies and procedures, data protection agreements, and other legal documentation to reflect evolving legal requirements and industry best practices. Draft, review, negotiate, and manage privacy related legal documents, including privacy notices, data processing agreements, data transfer agreements, business associate agreements, etc.
Analyze products and initiatives for privacy risks, conduct privacy impact assessments to identify and mitigate potential privacy issues.
Develop, deliver, and lead privacy training programs on privacy matters, including data protection.
Providing legal advice and guidance on data privacy, security, and compliance, including interpreting and applying regulations such as HIPAA/HITECH, GDPR, China’s PIPL, and US Federal and State laws.
Identify potential legal risk and develop strategies to mitigate risk on privacy matters, in conjunction with our global team members and global policies.

Posted Aug 27, 2025

Hims & Hers – Counsel, Privacy

Responsibilities:

Serve as a subject matter expert on U.S. and international privacy laws (including CCPA/CPRA, GDPR, HIPAA, and others) and apply your expertise across all business functions.
Lead privacy-related legal reviews of products and features, ensuring privacy-by-design principles are integrated early in the development process.
Provide actionable guidance on data subject rights, consumer consent management, data minimization, and retention practices.
Support privacy impact assessments, vendor due diligence, and data protection agreements.
Partner with the marketing and product teams on advertising technologies, analytics, and the use of customer data in a compliant manner.
Work closely with compliance, information security, and engineering to align legal requirements with operational controls.
Collaborate with the Public Policy team to evaluate proposed privacy laws and support the company’s advocacy efforts.
Help investigate and respond to privacy incidents and regulatory inquiries, and assist in ongoing development of incident response protocols.
Monitor legal and regulatory developments in privacy and data protection and translate them into clear, business-friendly guidance.

Posted Aug 26, 2025

AutoZone – Senior Counsel, Data Privacy

Responsibilities:

Evaluate and Strengthen Privacy Frameworks: Conduct a comprehensive assessment of the organization’s current data privacy posture. Design and implement a robust, scalable privacy program aligned with business goals and global regulations (e.g., GDPR, CCPA, LGPD), ensuring compliance and operational excellence.
Drive Strategic Privacy Leadership: Act as a trusted advisor to the business, offering forward-thinking guidance on emerging privacy laws and trends. Influence decision-making at all levels by translating complex legal requirements into actionable business strategies.
Collaborate on Risk Assessments and Mitigation: Partner with IT and cross-functional teams to lead Data Protection Impact Assessments (DPIAs) and other risk evaluations. Provide clear, practical recommendations to mitigate privacy risks and safeguard consumer trust.
Ensure Regulatory Compliance and Continuous Improvement: Monitor evolving privacy regulations and proactively update internal policies, procedures, and systems. Lead regular audits and risk assessments to identify gaps and implement corrective actions.
Champion Privacy Education and Awareness: Develop and deliver engaging training programs to promote a culture of privacy across the organization. Empower employees with the knowledge and tools to uphold data protection standards in their daily work.
Operationalize Privacy Across Channels: Ensure that all personal data collection and processing activities across digital, in-store, and third-party channels are compliant with privacy laws and reflected in company policies, contracts, and consumer rights responses.
Lead Governance and Cross-Functional Projects: Support ongoing data privacy governance initiatives. Manage complex projects involving legal, compliance, and business strategies in collaboration with internal stakeholders, external counsel, and service providers.

Posted Aug 26, 2025

Avalara – Privacy & AI Legal Counsel

Responsibilities:

You will cooperate on the drafting, maintenance and management of internal policies, processes and procedures, as well as external privacy and AI documentation.
You will cooperate on the drafting, implementation, maintenance and support of templates and playbooks (e.g., DPAs and AI addenda/terms)
You will work cross-functionally to provide guidance focused on balancing best-in-class privacy and AI compliance with a proactive, business-friendly and technically sound approach.
You will support the Product Privacy and AI team with global privacy and AI projects and initiatives as required from time to time, including assessing and analysing operational, regulatory and legal implications of ongoing and future M&A and corporate transactions
You will contribute to strategic analysis of legal implications of processing data, primarily around new products and technology enhancements, including GenAI
You will find creative solutions to minimize privacy and AI risks while enabling business goals
You will collaborate with teams across Avalara to help drive a global data protection and AI program and governance structure consistent with relevant and applicable laws and regulations
You will stay current with applicable and emerging global data privacy and AI laws, including CCPA, GDPR, and other U.S. and international privacy and AI laws

Posted Aug 25, 2025

Walmart – Senior Counsel, Privacy – Generative AI (GenAI) and Biometrics (Digital Citizenship)

Responsibilities:

Provide strategic legal counsel on privacy, data protection, and ethical use of GenAI models and biometric technologies.
Advise on compliance with global privacy laws and regulations, including but not limited to GDPR, CCPA/CPRA, BIPA, other US state privacy laws related to biometric data, and evolving AI regulations.
Partner with product and engineering teams to design and implement privacy-by-design frameworks and risk mitigation strategies.
Support the development of internal policies, training, and governance structures for GenAI and biometric data use.
Review agreements for terms related to privacy, specifically, AI-specific vendor contracts, and biometric disclosures.
Monitor global legal and regulatory developments in privacy, AI, and biometrics; provide proactive guidance to internal stakeholders.
Collaborate with privacy operations, security, and incident response teams to manage risk and address incidents involving AI or biometric data.
Support engagement with regulators and industry groups to shape best practices and emerging standards.

Posted Aug 23, 2025

Boehringer Ingelheim – Director, AI Governance & Data Privacy Counsel

Responsibilities:

Serve as the primary legal advisor on AI governance and data privacy matters, in alignment with Artificial Intelligence Responsibly (AIR), across Human Pharma and Animal Health business units
Ensure compliance with federal and state regulations related to AI, data privacy, and emerging technologies. Monitor and interpret evolving laws and regulations related to AI and data privacy, and assess their impact on the organization
Evaluate high-risk AI models and provide legal guidance on risk mitigation strategies and document reviews in the AI risk radar/model inventory, including classification by risk level and business purpose)
Collaborate closely with the AI Center of Excellence (CoE) to align business valuation of AI use cases with legal and regulatory risk profiles. Collaborate with other cross-functional teams, including the Global Data Privacy & AI Team
Develop and implement policies, procedures, and best practices for AI governance and data privacy
Provide training and guidance to internal stakeholders on AI governance, data privacy, and ethical AI use
Represent the organization in discussions with regulators, industry groups, and external stakeholders on AI and data privacy issues
Stakeholder Engagement: Communicate effectively with both technical and non-technical stakeholders. Motivate, foster buy-in, support, and enthusiasm for AI initiatives compliantly

Posted Aug 21, 2025

Electronic Arts (EA) – Legal Counsel, Privacy

Responsibilities:

Partner with the Privacy Team to design, implement, and continuously enhance a comprehensive global privacy program focused on risk assessment, control design, compliance monitoring, and long-term program evolution.
Advise on complex or high-risk privacy issues in game development, deployment, live services, marketing/ad-tech, marketplace/commerce tools, and player engagement features.
Act as the primary legal partner for central technology and engineering organizations, embedding privacy-by-design from concept through launch across shared platforms, back-end systems, cross-game infrastructure, and enterprise-wide internal tools.
Shape and refine internal privacy and data governance policies, playbooks, and practical guidance.
Deliver legal research and actionable advice on emerging global privacy regulations, while building subject-matter expertise on key laws and issues.
Guide vendor and partner privacy diligence, including third-party integrations such as SDKs, ad-tech, analytics, and cloud providers.
Contribute to incident response readiness and execution, including data breach investigations, regulator notifications, and player- and employee-facing communications.
Support responses to regulator inquiries, audits, and investigations, in collaboration with cross-functional partners.
Develop targeted training and awareness programs for studios, engineers, and business partners to reinforce privacy and data protection best practices.
Track organizational processes and internal controls, conduct effectiveness reviews, and complete documentation (such as PIAs/DPIAs, and RoPAs) to demonstrate compliance and drive continuous improvement.

Posted Aug 20, 2025

AbbVie – Senior Counsel, Legal Privacy & Data Security

Responsibilities:

Strategic and day-to-day legal support for business functions (both aesthetics and therapeutics).
Monitor and advise on compliance and implementation positions for emerging data privacy laws.
Support global privacy contracts and M&A legal teams regarding data privacy legal questions, contract reviews, and negotiations.
Draft, review, negotiate, and manage data privacy and protection terms for a variety of transactional agreements, including master services agreements, professional services and consulting agreements, statements of work, BAAs, business technology agreements, and supply agreements.
Support the AbbVie privacy compliance office regarding the operation of AbbVie’s global privacy program.
Monitor and advise on the implications of privacy laws on artificial intelligence and emerging technologies.
Legal support for information security risk management team, including data breach analysis and response, third party risk management, and insider risk.
Draft and review privacy notice, consent, and contract templates, both globally and regionally.
Manage and supervise external privacy counsel work.

Posted Aug 13, 2025

Fantatics – Legal Counsel – Privacy

Responsibilities:

Regulatory Compliance: Advise on compliance with U.S. and international privacy laws such as the CCPA/CPRA, GLBA, FCRA, CAN-SPAM, TCPA, and other state and federal privacy regulations.
Financial Privacy: Serve as subject matter expert on financial privacy laws including GLBA, Reg P, and applicable SEC and CFPB guidance for financial services or fintech-related operations.
Product & Data Counseling: Partner with product, engineering, and marketing teams to ensure privacy-by-design principles are embedded into products and services.
Policy & Program Development: Help design, implement, and maintain privacy policies, internal protocols, and training initiatives across the organization.
Contract Negotiation & Review: Draft and negotiate data protection agreements (DPAs), vendor agreements, and terms involving data sharing, retention, and security obligations.
Incident Response Support: Provide legal counsel on data breach and incident response activities, including notification obligations and coordination with regulators.
Regulatory Monitoring & Risk Assessment: Stay abreast of developments in U.S. privacy law and proactively assess their impact on the business. Recommend changes to mitigate legal and reputational risk.
Strategic Legal Support

Posted Aug 12, 2025

Chevron – Counsel, Cybersecurity

Responsibilities:

Provide day-to-day legal advice to all operating units globally and members of the Chevron Enterprise AI team on all aspects of cyber, and AI compliance legal requirements.
Advise on foreign, federal, and state cybersecurity regulations and laws.
Support implementation of cybersecurity controls within Chevron business units, as required by regulation, and interface with regulators as necessary to advocate for Chevron’s position and seek alignment.
Provide legal advice on issues related to information technology initiatives, including data governance, information retention, data transfer, and AI initiatives.
Support incident response processes for cyber and data privacy incidents including handling legal aspects of compliance with foreign and domestic laws regarding data breaches.
Develop and deliver relevant compliance training to company personnel.
Advise on legal compliance in connection with internal investigations and forensics requests.
Advise on responsible AI, AI governance, and AI regulations globally.
Provide secondary support, as needed, on data privacy and competition law.

Posted Aug 8, 2025

Eli Lilly and Company – Senior Director, Digital Legal Office – Health and Wellness Privacy Counsel

Responsibilities:

Serve as the primary legal advisor on HIPAA Privacy and Security Rules, HITECH, and related healthcare data protection laws.
Provide legal counsel on the design and implementation of digital health technologies, Pharmacy Management Systems, EHR platforms, health plans, onsite employee health clinics and related primacy care services, mobile health applications and other healthcare IT solutions.
Advise on legal risks and mitigation strategies related to pharmacy intake and dispensing operations, including patient data intake, prescription processing, and digital consent.
Draft, review, and negotiate contracts involving protected health information (PHI), including Business Associate Agreements (BAAs), data sharing agreements, and vendor contracts.
Collaborate with IT, Compliance, and Product teams to ensure privacy-by-design principles are embedded in all digital solutions.
Monitor and interpret evolving federal and state privacy laws (e.g., CCPA, CPRA, state-specific pharmacy laws) and advise on their impact.
Support incident response and breach notification processes in accordance with HIPAA and state breach laws.
Provide training and education to internal team members on HIPAA, digital privacy, and pharmacy compliance.
Draft and review, and otherwise support negotiations regarding privacy provisions in a wide variety of agreements
Oversee legal response to data breaches or privacy/security incidents including investigations, notifications, and remediation
Support audits, regulatory inquiries, and enforcement actions

Posted Aug 7, 2025

Nutanix – Privacy Counsel

Responsibilities:

Lead with Vision: Drive global privacy, AI, and data governance initiatives that shape how Nutanix builds and delivers cutting-edge technology.
Be a Trusted Advisor: Partner cross-functionally with product, engineering, HR, marketing, procurement, and compliance teams to embed privacy into everything we do.
Innovate with Purpose: Design and implement scalable privacy-by-design frameworks, AI risk assessments, and governance tools that enable responsible innovation and minimize risk.
Empower Through Enablement: Create engaging training, playbooks, and resources that de-mystify privacy and empower teams to make informed decisions.
Navigate Complexity: Provide strategic legal guidance on evolving U.S. and global privacy laws, emerging AI regulations, and ethical data use.
Drive Operational Excellence: Support audits (such as ISO 27001, 27701, and SOC II), Records of Processing and Data Mapping, PIAs, DPIAs, AI risk assessments, DSARs, and incident response with precision and agility.

Posted Aug 6, 2025

TD Bank – Counsel – Privacy & Cybersecurity

Responsibilities:

Provides consistent and sound legal advice in a clear, concise and responsive manner by taking initiative to develop legal knowledge and skill; knowing relevant substantive law, identifying legal issues; knowing the business and its products, operations, strategy, risk appetite and regulatory environment; owning the role of interpreting legal requirements through a balanced understanding of the law and business context to formulate relevant legal theories; and identifying business issues and policies related to the legal requirements, describing legal issues and options to the client
Identifies conflict situations and brings more senior lawyers into the decision-making process as appropriate by identifying situations when actions that the business unit wants to take conflicts with TD’s risk appetite and discusses with client how particular actions might be inconsistent
Effectively contributes to and/or leads negotiations and conflict resolutions by gathering supportive information in preparation for the negotiation, understanding the dynamics of the process and displaying an effective combination of firmness, tact, patience and respect in dealing with all parties involved

Posted Aug 4, 2025

VeraSafe – Privacy Counsel (Full Time, Remote Position)

Responsibilities:

Assessing client information systems for compliance with data protection laws and regulations
Drafting data protection agreements, addenda, and amendments
Advising clients on privacy-related product improvements
Researching legal issues and composing legal opinions/memoranda
Writing privacy law related articles and blog posts
Assisting in the development of in-house legal templates
Contributing to the development of internal procedures and methodologies
Collaborating with a team of intellectual peers who value cooperation and community.

Posted July 31, 2025

Bridgestone Americas – Assistant General Counsel, Data Privacy

Responsibilities:

Enhance and expand Bridgestone’s privacy program to align with the evolving business needs and regulatory requirements in the West.
Implement privacy procedures and compliance frameworks across the West, with a particular focus on operations in the Americas.
Provide expert counsel on data privacy laws and privacy frameworks.
Partner with business leaders to integrate privacy best practices and “privacy by design” controls into corporate strategy and operations.
Lead training and awareness initiatives to promote a strong privacy culture throughout the organization.
Advise on data governance, risk assessment, incident response, and contract negotiations related to privacy compliance.
Serve as a key driver of change management, ensuring privacy priorities are effectively communicated and adopted across business units.
Support strategic Information Security and Data Governance projects relating to personal data and evaluate and address privacy risks.
Stay ahead of evolving privacy laws, business implementation trends and proactively recommend compliance strategies.

Posted July 29, 2025

Coinbase – Associate General Counsel, Privacy & Data Protection

Responsibilities:

Developing, implementing, and scaling Coinbase’s privacy program in partnership with Privacy Operations.
Deliver privacy legal advice and guidance to Coinbase’s product teams.
Track the rapidly changing landscape of global data protection laws, regulations, and standards, and translate them into clear requirements and actionable guidance for business and product stakeholders.
Participate in large, cross-functional projects involving data governance, data protection, and data request tools and settings for our privacy-conscious customer base.
Partner with Security and Trust & Risk to respond to privacy incidents, regulatory inquiries, law enforcement demands, and other information requests.
Oversee the drafting of and regular updates to privacy-related notices, disclosures, transparency reports, policies, and procedures.
Collaborate with Privacy Operations to build cross-functional relationships and spearhead data protection training and awareness programs to foster a privacy-centric environment throughout Coinbase.
Collaborate with product teams to implement privacy-forward, secure, and customer-centric product design.

Posted July 28, 2025

Machinify – Privacy Counsel

Responsibilities:

Support our global privacy program and advise internal teams on privacy, data protection, healthcare, and AI matters (e.g., U.S. state privacy laws, HIPAA, HITECH, GDPR, ePrivacy Directive, PECR, etc.).
Collaborate with internal stakeholders to assess legal risk and support initiatives.
Develop, refine, and implement policies, procedures, and playbooks to ensure compliance with applicable regulations.
Provide legal support for incident response, vendor risk reviews, audits, and data subject rights requests.
Understands the letter of the law and can approach problems in a practical, principled way.
Complete compliance documentation (records of processing, risk assessments, data privacy impact assessments, etc.)
Draft and negotiate privacy, data, AI, and commercial terms with vendors.
Monitor legal developments related to privacy, data protection, marketing, and AI laws and regulations, and supervisory authorities’ guidance and decisions.

Posted July 25, 2025

Western Union – Director, Counsel Cybersecurity

Responsibilities:

Provide strategic legal advice on cybersecurity laws, regulations, and frameworks (e.g., NIST, PCI-DSS, SOC 2, ISO 27001, DORA, NIS2).
Draft and refine cybersecurity policies, risk assessments, and governance frameworks.
Advise on incident response planning, breach notification obligations, and post-incident reviews.
Support cybersecurity-related aspects of contracts, including vendor risk, data security terms, and regulatory compliance.
Collaborate with privacy counsel to embed security-by-design and privacy-by-design principles across the enterprise.
Engage with regulators and industry bodies on cybersecurity initiatives and compliance matters.
Partner with product, engineering, and business teams to support secure development of new technologies and services.
Monitor emerging cybersecurity threats, legal developments, and best practices to proactively manage risk.

Posted July 23, 2025

Demant – Senior Privacy Counsel

Responsibilities:

Design, implement, and continuously update the company’s US privacy program in line with federal and state privacy laws and regulations.
Develop, draft, revise, implement and maintain privacy-related policies and procedures.
Ensure that all policies are up to date with the latest privacy laws, regulatory requirements and best practices.
Conduct risk assessments and internal audits to identify and mitigate potential privacy issues.
Work closely with business leaders to ensure that all transactions and privacy concerns comply with relevant laws and regulations, including securities law, antitrust law, and industry-specific regulations.
Advise internal stakeholders on privacy matters on various issues, including but not limited to, Health Insurance Portability and Accountability Act (HIPAA), HITECH, federal and state privacy laws, TCPA, investigating breaches, and reviewing IT contracts and licensing agreements.
Provide practical guidance and innovative solutions for privacy issues.
Monitor and analyze changes in privacy laws and regulations and communicate their impact on the organization.
Design and deliver training programs for employees on privacy matters, including HIPAA, breaches, and patient privacy laws.
Serve as a resource for employees on privacy related inquiries and issues.
Lead investigations into breaches, prepare reports, and recommend corrective actions.
Prepare and maintain documentation related to privacy activities, including reports to senior management and regulatory bodies.
Ensure accurate and timely reporting of any privacy issues or breaches to appropriate authorities.
Serve as the primary contact for regulatory agencies and manage all communications regarding privacy matters and breaches.
Ensure the organization’s timely response to any regulatory inquiries or investigations.
Coordinate and manage external legal counsel as necessary, ensuring cost-effective and high-quality legal services.

Posted July 23, 2025

The Trade Desk – Associate General Counsel, Privacy

Responsibilities:

Draft and maintain external data privacy disclosures (such as privacy policies and other public data compliance / security statements) as well as internal privacy documentation (DPIAs, ROPAs, LIAs) pertaining to our data processing activities.
Work collaboratively with Information Security, Trust & Safety, and other cross-functional data teams to identify opportunities to enhance our internal legal policies for how the company manages personal data, and draft and maintain those policies (such as data retention, cross-border data transfers, data access controls).
Counsel our Product team on associated data compliance product designs (such as data access/deletion and opt-out tools).
Help build and standardize internal information sharing and record-keeping workflows with respect to personal data being processed by the company, in close collaboration with your other privacy and data governance colleagues, product counsel, and commercial data attorneys (as well as our DPO and cross-functional teams).

Posted July 22, 2025

Fox Corporation – Vice President (Attorney), Privacy and Data Security/Consumer Privacy Experience

Responsibilities:

Ongoing compliance with privacy and data security laws and self-governing frameworks and standards, including advice and counselling, management of initiatives, and any required related written work product
Draft and negotiate privacy and data security contract language
Draft privacy policies and other notices
Conduct internal privacy education and training
Respond to privacy rights requests
Provide support in connection with policy, government relations, legislation, and litigation related to privacy and data security
Partner with FOX colleagues and business leaders to implement principles, such as privacy by design
Remain up to date on relevant privacy and data security laws and regulations, as well as on technological developments, threat vectors and evolving industry standards to ensure an ongoing ability to provide sound compliance advice
Support co-CPOs and Information Security Teams on incident response

Posted July 21, 2025

Cencora – Senior Counsel – Data Governance, Privacy, and Cybersecurity

Responsibilities:

Advise clients on complex legal, regulatory, and policy questions in the areas of data privacy and protection (including federal and state laws and regulations in the general privacy and healthcare arena, particularly focusing on HIPAA, state privacy laws, Canadian provincial laws, etc.), cybersecurity (e.g., CMMC, NIST cybersecurity frameworks, ISO 27001, HITRUST, etc.), and artificial intelligence (including the NIST RMF, the growing body of state and local AI laws, etc.).
Draft, review, and/or negotiate various contracts, including healthcare- and HIPAA-related agreements and contract provisions dealing with privacy, cybersecurity, AI, and other data protection and operational continuity issues. This work also envisions creating template agreements and associated playbooks to expedite contracting issue management in privacy, cyber, and AI law arenas.
Assess and help mitigate harms associated with privacy and cybersecurity incidents through clear communication, disciplined issue escalation, and partnership with other privacy, cybersecurity, and business stakeholders.
Conduct reviews of new customer- and/or vendor- related technology proposals entailing privacy, cyber, and/or AI risks and offer pragmatic, creative solutions reflecting privacy and security by design concepts.
Demonstrate strong and calm decision-making capability and communication skills in the midst of time-sensitive incidents or high-risk business proposals requiring escalation to senior levels of leadership.
Manage competing projects and reviews with agility, effectively multi-tasking and prioritizing work to ensure that high value and/or high-risk business needs and projects are addressed in an efficient and strategically stream-lined way.

Posted July 20, 2025

SiriusXM – Associate General Counsel, Privacy

Responsibilities:

Work collaboratively and effectively with stakeholders across the SiriusXM enterprise, including Information Security and business leads
Assist in communication and rollout of regulatory compliance initiatives across brand entities; work with brand SMEs to define business requirements for compliance with privacy legislation, trade and industry guidelines, the Automotive Alliance privacy principles, and other frameworks applicable to the audio, connected vehicle and advertising businesses
Coordinate US privacy governance with European privacy team
Provide privacy-by-design consultation at early development stage for new products and/or uses of personal data to ensure data governance and policy compliance
Assess new business processes for privacy impact; draft risk assessments
Provide legal and privacy guidance on customer and vendor due diligence questionnaires.
Negotiate data processing agreements and other data-related contract provisions
Maintain and update internal and external privacy policies
Conduct internal training for business teams on data privacy rules and policies
Support privacy incident response investigations and remediation
Maintain currency of knowledge of laws, regulations, court decisions, and industry best practices on privacy, data protection, artificial intelligence, biometrics, and consumer regulations as related to data collection, use and processing.

Posted July 19, 2025

News Corp – Counsel, Privacy

Responsibilities:

Track and advise on international and domestic legal, regulatory and policy developments relating to data collection and use, online advertising, tracking and analytics and related issues.
Help implement and improve upon News Corp’s global data privacy requirements and related procedures, including notice and consent requirements, data transfer requirements, vendor due diligence, etc.
Complete and review privacy impact assessments, vendor questionnaires, records of processing activities, individual data rights requests, and similar data privacy compliance documentation.
Assist with drafting and negotiating privacy/data protection/security terms for third party agreements.
Counsel business and technology teams on privacy issues in connection with human resource management and business/consumer activities (e.g., online/digital advertising, marketing, digital and mobile initiatives).
Together with the Global Cybersecurity Team, assist with potential data breach incidents, any required breach notifications, and any required remediation.

Posted July 18, 2025

TikTok – Privacy Counsel, Americas Public Policy

Responsibilities:

Anticipate and shape the future of tech policy by partnering with internal and external legal and government affairs teams to track, interpret, and respond to emerging privacy and monetization legislation in the United States.
Provide actionable and practical advice on privacy and monetization product launches.
Craft compelling, clear messaging that demystifies complex privacy and monetization related legal and policy issues for a broad audience—ensuring our public policy communications are both accurate and impactful.
Navigate regulatory change with confidence, working hand-in-hand with legal counsel and government affairs experts to stay ahead of shifting tech regulations and safeguard the company’s operations across the region.
Advocate externally for TikTok, clearly articulate company positions with a broad variety of stakeholders.
Work on emerging technology policy issues, as needed, and assume leadership over projects and initiatives on TikTok’s public policy subject matter expert team.

Posted July 15, 2025

GE Appliances – Associate General Counsel- Data Privacy and Cybersecurity

Responsibilities:

Develop, implement, and lead a global privacy strategy that aligns with Company’s objectives, relevant laws and regulations, and industry best practices
Serve as a point of contact for privacy and security‐related customer and regulatory inquiries and investigations
Lead the Company’s Privacy Committee and Executive Privacy Council
Present Privacy Program updates to C‐Suite, Board of Directors, Governance and Risk Committees
Work closely with Chief Digital Technology and Information Security teams to document Data Governance strategies and classification standards
Work closely with business teams on product innovation, data mapping, data collection, and PIA assessments
Work with cross‐functional teams to draft and review privacy policies, procedures, internal and external facing privacy notices to ensure compliance with privacy and cybersecurity laws
Collaborate with internal business teams, such as legal, information technology, engineering, and business units, to resolve complex privacy and risk management issues and to assess cybersecurity measures and response protocols
Stay informed of changes and developments in privacy laws, regulations, standards, and guidance, and communicate these changes effectively to relevant stakeholders
Lead education programming and training for employees in data privacy and cybersecurity to foster a culture of security and privacy

Posted July 11, 2025

RVO Health – Senior Corporate Counsel, Privacy

Responsibilities:

Provide legal and privacy guidance to all business lines focusing on healthcare technology, digital advertising, marketing, digital media, and publishing.
Support an expanding, comprehensive consumer healthcare platform and ensure compliance with global, federal, and state privacy, data protection, and healthcare laws.
Collaborate with enterprise teams to incorporate privacy-by-design in product development and enhancement.
Conduct enterprise privacy training on company privacy policies and relevant data protection laws.
Stay updated on global, federal, and state privacy laws and data protection regulations, assessing their impact on company products and services.
Assist with incident response and investigations

Posted July 10, 2025

American Express – Manager & Counsel, Privacy & Data Law

Responsibilities:

Advise B2C and B2B businesses with day-to-day data protection and privacy queries across the U.S. region, including across nascent and developing areas.
Provide guidance for new product launches, strategic initiatives, and practical risk mitigation strategies.
Draft and negotiate commercial agreements relating to data protection and privacy, including co-brand and business partner agreements and data processing agreements.
Oversee the development and maintenance of data privacy related policies and guidance, including reviewing and drafting privacy notices and disclosures.
Draft and uplift data protection and privacy templates and guidance documents/playbooks.
Provide legal support for regulatory change management projects

Posted July 8, 2025

Regeneron – Director, Privacy Counsel

Responsibilities:

Providing advice and counseling on a wide range of privacy and related issues such as advising on sensitive data, digital advertising, and use of emerging technologies/AI.
Strategically assess potential privacy risks on new projects, including risk-mitigation counseling and advising on appropriate controls.
Monitoring emerging regulations and supporting the operationalization of compliance with evolving laws.
Upkeep and development of internal policies, procedures, and guidance documents; educating business clients through training and awareness programs; Improving and counseling on privacy program operations.
Leading Regeneron’s Privacy Steward Council to drive initiatives that enhance data privacy across the organization.
Collaborating with our Government Affairs division on opportunities to influence legislation.
Assisting contracting teams in drafting, maintaining, and negotiating data processing agreements.
Participating in industry group meetings to stay updated on best practices and emerging trends.

Posted July 6, 2025

William Blair – Counsel/Senior Counsel and Privacy Compliance Officer

Responsibilities:

Provide global legal guidance and leadership to internal teams on privacy matters that affect the firm, with an eye towards holistic impact.
Serve as subject matter expert and resource on issues related to privacy and data protection.
Monitor the evolution of the privacy regulatory landscape in various jurisdictions and incorporate new laws and regulations into the privacy framework.
Draft internal and external privacy notices and disclosures, contract templates, and related data privacy and protection documents.
Review third-party vendor contracts for compliance with privacy and data protection requirements, including cross-border data processing and standard contractual clause requirements.
Work effectively across business units and internal functions to resolve business and risk management issues related to privacy and data protection.
Serving as a primary point of contact for data privacy supervisory authorities across the globe.
Coordinate with internal stakeholders to create and manage data use in compliance with the firm’s privacy framework and relevant privacy laws.
Manage the general life cycle of data recording and deletion at the firm, including documentation of processing activities, an organizational data map, cookie compliance, and a process to maintain the integrity of records.
Create, implement, and record privacy assessments, including privacy risk and transfer impact assessments, and other required privacy procedures to ensure compliance with global privacy laws.
Respond to and manage privacy related inquiries and investigations on a global basis, including complex privacy-related complaints, data subject requests, and support for interactions with local privacy authorities.
Maintain processes and readiness to address personal data breaches.
Develop and deliver privacy training to business stakeholders across the firm.

Posted July 5, 2025

Ibotta – Privacy Lawyer

Responsibilities:

Advise on privacy and data protection laws and regulations, including GDPR, CCPA/CPRA, Colorado Privacy Act, FTC Act, ePrivacy Directive, and other global frameworks.
Draft and negotiate data processing agreements (DPAs), privacy terms, and contractual provisions related to data acquisition, use, licensing, and transfer.
Lead and support privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and record-keeping obligations.
Partner with product, engineering, and security teams to ensure products are designed and maintained in compliance with privacy laws.
Develop and maintain internal policies, procedures, and training programs related to data privacy.
Develop and maintain external privacy notices, policies, and other privacy-related regulatory disclosures.
Monitor regulatory developments and guide the company’s response to new and evolving data protection laws.
Support incident response and breach notification processes as needed.
Liaise with external counsel and regulators, as appropriate.

Posted July 5, 2025

Neurocrine Biosciences – Senior Privacy Counsel

Responsibilities:

Design, implement, and maintain a comprehensive privacy program aligned with U.S. and international regulations, including but not limited to GDPR, UK GDPR, HIPAA, Switzerland’s FADP, TCPA, CAN-SPAM, and various U.S. state privacy laws
Develop and enforce company-wide privacy policies, standards, and procedures
Develop and deliver privacy training programs to educate employees on data protection obligations and best practices
Monitor developments in privacy laws and regulations globally, providing actionable guidance to the business on maintaining compliance
Ensure appropriate processes are in place for compliance with data protection regulations, including data subject rights, data processing activities, and cross-border data transfers
Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs)
Identify and remediate privacy risks, working collaboratively with relevant stakeholders
Serve as a key advisor to cross-functional teams, including IT, HR, marketing, and R&D, on privacy-related matters
Collaborate with legal counsel and external stakeholders on privacy issues and incidents
Lead and/or collaborate with colleagues on the investigation and resolution of any privacy incidents, including regulatory notifications and root-cause analyses
Provide regular updates to the leader and senior management on privacy compliance status, risks, and initiatives

Posted July 4, 2025

Insulet Corporation – Senior Privacy Counsel

Responsibilities:

Insulet is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of our business strategy. As part of that commitment, Insulet has established a robust privacy program and is adding talent to our US Data Compliance and Privacy team – Legal Department.
The Sr Manager – Privacy Counsel role will ensure compliance with privacy and data protection laws (e.g. HIPAA, CCPA, GDPR) while enabling data-driven innovation, with particular focus on supporting Insulet’s projects in North America.
The position will report to the Director, Data Compliance and Privacy who provides global privacy and AI compliance support.
The ideal candidate will have the ability to think and act both strategically and tactically with respect to the needs of business clients and their objectives while ensuring that Insulet remains compliant with privacy and data protection laws and other laws relating to data as well as industry best practices in medical devices/ digital health industry.

Posted July 3, 2025

Norwegian Cruise Line Holdings – Director Associate Counsel Data Privacy

Responsibilities:

Lead the development and execution of privacy, data protection, and artificial intelligence compliance strategies across enterprise-wide contract negotiations, ensuring robust risk mitigation and alignment with NCLH’s legal and business objectives.
Serve as a strategic advisor to senior leadership and business units by reviewing new and evolving initiatives for compliance with global privacy, data protection, and AI regulations, ensuring the organization maintains a proactive and compliant posture.
Drive regulatory compliance in consumer communications and marketing initiatives, offering strategic oversight to ensure alignment with consumer protection, advertising, and digital engagement laws.
Lead cross-functional collaboration in incident response efforts, including high-impact data breach investigations and reporting, working closely with the Office of Cybersecurity, Digital Experience Team, and Data Governance to ensure effective containment, analysis, and compliance.
Monitor and assess global regulatory trends in privacy and AI, translating legal developments into actionable business strategy and advising the organization on emerging risks and opportunities.
Direct the design, implementation, and continuous improvement of NCLH’s privacy and AI compliance frameworks, including policies, procedures, data handling protocols, and stakeholder communications.
Develop and oversee enterprise-wide training and awareness programs, cultivating a culture of compliance and accountability around privacy, data protection, and responsible AI use across all levels of the organization.
Provide leadership for key Privacy Office programs, including enterprise privacy impact assessments (PIAs), AI risk assessments, website tracking audits, and fulfillment of data subject rights under global privacy regulations.

Posted July 3, 2025

Take-Two Interactive – Senior Director & Counsel, Privacy

Responsibilities:

Provide day-to-day and strategic privacy advice to Take-Two’s game labels and corporate services including on product development, marketing, marketing technology, analytics, and employment activities
Apply practical, risk-based privacy approaches to a variety of complex privacy and data issues involving new technologies, AI, and game services delivered through console, PC, mobile, and web experiences
Serve as a privacy lead and manage privacy reviews across multiple games and key projects simultaneously
Guide the maintenance and continued development of the privacy program including data diligence, PIAs / DPIAs, policies and procedures, compliance, and training
Lead pre-contract privacy diligence and review / negotiate privacy terms with vendors and business partners – including collaboration across Legal, Security, HR, and game publishing labels
Collaborate with customer support, technology, security, and data teams to help address data requests, regulatory inquiries, and incident response
Serve as part of a global team of lawyers, paralegals, and staff helping Take-Two’s game labels create the most innovative and creative products as efficiently as possible

Posted July 3, 2025

Instacart – Privacy Counsel

Responsibilities:

Global Privacy Leadership. Advise on global privacy regulatory and industry developments, assessing impact on and ensuring alignment with Instacart’s global objectives.
Drive privacy compliance and awareness across Instacart, including in product development, engineering, advertising, marketing, data science, HR, business development & sales, security and the global policy team.
Incident Management. Lead privacy and data security event response teams.
Innovation Leader. Serve as privacy subject matter expert for Instacart’s key initiatives, including artificial intelligence, personalization, advertising, Instacart Health and smart carts.
Strategic Program Management. Drive privacy initiatives and governance programs to scale across the organization, working in partnership with our privacy engineering and risks teams on the maturation and operationalization of Instacart’s privacy program operations.
Partner with legal team colleagues on commercial transactions and M&A activity

Posted July 2, 2025

Docusign – Sr. Legal Counsel, Cybersecurity

Responsibilities:

Provide expert legal advice to our teams as it relates to managing cybersecurity risks and compliance with global cybersecurity laws and regulations
Provide legal guidance on regulatory, third-party, and internal security audits, and work with teams to scope and perform periodic security hygiene assessments, mitigation and remediation
Help enhance Docusign’s data governance posture, including data governance operations and documentation, employee training on data governance and security obligations, promoting a culture of awareness and compliance throughout the organization, policy enforcement, data compliance program monitoring and auditing, and third-party risk assessment
Collaborate with the global legal team to align security and data practices across the company, ensuring a unified approach to data protection
Support building and improving incident detection and response processes
Provide support and counsel during cybersecurity-related investigations and the response to data incidents, including breach notification and mitigation strategies, to minimize impact and maintain trust
Remain up-to-date on relevant data security laws and regulations, industry approaches to data governance program management, and on data compliance and security technological developments, threat vectors, and evolving industry standards to provide solutions to complex issues
Help prepare board and executive presentations, regulatory filings, and other legal disclosures to ensure accuracy and completeness of cybersecurity representations
Support global AI governance, helping the business teams continue innovating responsibly

Posted July 1, 2025

Atlassian – Director of Privacy, Data Counsel

Responsibilities:

Collaborate with Legal teammates, product teams, and engineering teams to build trustworthy, privacy-conscious products our customers love
Advise business teams on privacy considerations for customer data lifecycle and use, including with AI and machine learning
Partner with cross-functional stakeholders and leadership (including trust, marketing, sales, and others) on customer privacy initiatives
Scale Atlassian’s privacy program by developing and implementing customer data lifecycle policies, practices, and processes
Drive awareness of data privacy, including developing business trainings and guidance

Posted July 1, 2025

* * *

Looking for an older job listing? In an effort to keep this page as up-to-date as possible, we have moved Job Listings older than the date above to our Condensed Job Listings page. We hope this comprehensive list will allow you to see the many different career opportunities that exist in Privacy and Data Security Law.

Privacy Law Job Listings

PRIVACY LAW JOB LISTINGS