Privacy Lawyer

5+ years of experience practicing privacy and data protection law, ideally with a combination of in-house and law firm experience.
Juris Doctor (JD) from an accredited law school and active membership in good standing with at least one U.S. state bar (or equivalent international qualification).
In-depth knowledge of global privacy laws and regulatory trends, with an emphasis on U.S. privacy laws.
Extensive understanding of how privacy impacts technology, digital products, and business operations.
Exceptional analytical, communication, and organizational skills.
Ability to work independently and collaboratively in a fast-paced, dynamic environment.

Advise on privacy and data protection laws and regulations, including GDPR, CCPA/CPRA, Colorado Privacy Act, FTC Act, ePrivacy Directive, and other global frameworks.
Draft and negotiate data processing agreements (DPAs), privacy terms, and contractual provisions related to data acquisition, use, licensing, and transfer.
Lead and support privacy impact assessments (PIAs), data protection impact assessments (DPIAs), and record-keeping obligations.
Partner with product, engineering, and security teams to ensure products are designed and maintained in compliance with privacy laws.
Develop and maintain internal policies, procedures, and training programs related to data privacy.
Develop and maintain external privacy notices, policies, and other privacy-related regulatory disclosures.
Monitor regulatory developments and guide the company’s response to new and evolving data protection laws.
Support incident response and breach notification processes as needed.
Liaise with external counsel and regulators, as appropriate.

CIPP/E, CIPP/US, or similar certification preferred.
Experience working in the tech or SaaS industry, preferably on consumer-facing products.
Familiarity with AI and machine learning privacy considerations.
Knowledge of cybersecurity frameworks and standards.