Job Description

We are seeking a strategic and pragmatic legal leader to join our Legal Department as Senior Counsel, Privacy, Security, AI, and Data Governance. This role will advise senior leadership and cross-functional teams on legal matters related to privacy, cybersecurity, artificial intelligence, and enterprise data governance. The ideal candidate will be a trusted advisor who balances compliance and risk mitigation with innovation and business enablement.

Key Responsibilities

• Strategic Advisory

  • Counsel senior leadership on privacy, cybersecurity, and AI governance to support innovation and customer trust.

  • Shape enterprise data governance strategies that align with regulatory requirements and business goals.

• Privacy & Security Compliance

  • Advise on U.S. and global privacy laws (e.g., CCPA, GDPR, HIPAA) and regulatory trends.

  • Partner with product, marketing, and technology teams to embed privacy and security into customer-facing initiatives.

  • Lead privacy impact assessments (PIAs/DPIAs) and data protection reviews.

• Cybersecurity Legal Support

  • Provide legal guidance for cybersecurity programs, including incident response planning and execution.

  • Support internal investigations, audits, and regulatory inquiries related to data practices.

• Contract Negotiation & Vendor Management

  • Draft and negotiate data-related agreements, including data sharing, processing, and AI vendor contracts.

  • Conduct privacy and AI governance reviews of vendors and internal programs.

• Policy & Program Development

  • Maintain and update internal and external privacy and data governance policies.

  • Create customer-facing documentation (e.g., FAQs, data sheets) to support transparency and trust.

• Training & Awareness

  • Drive internal training and awareness programs on privacy, cybersecurity, and AI governance.

  • Monitor and interpret evolving laws and best practices to ensure proactive compliance.

Qualifications

• Juris Doctor (JD) from an accredited law school; licensed to practice law in the U.S.

• 7+ years of legal experience with a focus on privacy, cybersecurity, data governance, and AI.

• Experience in retail, technology, or consumer-facing industries preferred.

• Strong understanding of global privacy frameworks and emerging AI regulations.

• Excellent negotiation, communication, and stakeholder management skills.

• Ability to work cross-functionally and influence at all levels of the organization.

Preferred Certifications

• CIPP/US, CIPT, CIPM, AIGP or similar privacy certifications

• CISSP or other cybersecurity-related credentials a plus

California Residents click below for Privacy Notice: