HackerOne

Privacy Counsel

HackerOne

full-time

Posted on:

Location Type: Remote

Location: United Kingdom

Visit company website

Explore more

AI Apply
Apply

Salary

💰 £80,000 - £100,000 per year

About the role

  • Apply an AI-First approach by using AI tools responsibly to improve research quality, drafting efficiency, and privacy assessment workflows.
  • Demonstrate Change Agility by adapting quickly to evolving global privacy and AI regulations, adjusting guidance as new risks, tools, or requirements emerge.
  • Use First Principles Problem Solving to simplify complex privacy questions, clarify assumptions, and provide clear, structured recommendations.
  • Leverage Data-Driven Decision Making during DPIAs, and related assessments by grounding evaluations in evidence, criteria, and regulatory expectations.
  • Support the current Privacy function with global privacy assessments, including DPIAs, AI DPIAs, TIAs, LIAs, and other structured risk reviews.
  • Review new and existing product features, AI capabilities, and data practices as part of privacy-by-design, identifying risks and opportunities early in development.
  • Draft, review, and negotiate data processing agreements (DPAs), privacy terms, and commercial contracts to support global sales and procurement.
  • Maintain and update privacy contractual documentation and internal templates and policies.
  • Create and deliver internal training on privacy and AI governance.
  • As part of the Privacy function, support internal and external privacy audits, coordinate with external advisors, and ensure alignment across business functions on assessment findings and remediation.
  • Monitor evolving privacy laws, case law, AI governance frameworks, and regulatory trends, sharing key insights with stakeholders to maintain compliance and anticipate future requirements.

Requirements

  • Qualified lawyer (UK or EU) with GDPR experience PQE 5+ years (mix of in-house or private practice experience). Years matter less to us than impact. If you have relevant specialist experience, apply even if you don’t quite hit the 5+ years.
  • Strong knowledge of EU/UK GDPR and familiarity with global privacy laws (US, Middle East, Asia).
  • Experience drafting and negotiating data processing agreements and handling privacy-related issues in a global business context.
  • Proven ability to manage data breaches, regulatory notifications and privacy audits.
  • Excellent communication skills with the ability to simplify complex legal concepts for non-legal audiences.
  • Strong understanding of AI technologies, their ethical implications, and related legal frameworks.
  • Excellent analytical, problem-solving, and decision-making skills with the ability to provide practical and strategic legal advice.
  • Experience in using privacy management systems such as OneTrust is required.
  • Ability to manage multiple priorities and work collaboratively across diverse teams.
  • Comfortable working independently in a fast-paced, global environment
Benefits
  • Health (medical, vision, dental), life, and disability insurance*
  • Equity stock options
  • Retirement plans
  • Paid public holidays and unlimited PTO
  • Paid maternity and parental leave
  • Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
  • Employee Assistance Program
  • Flexible Work Stipend

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
GDPRdata processing agreementsprivacy assessmentsDPIAsAI DPIAsTIAsLIAsdata breach managementregulatory notificationsprivacy audits
Soft skills
communication skillsanalytical skillsproblem-solving skillsdecision-making skillschange agilitycollaborationindependenceadaptabilitysimplifying complex conceptsmanaging multiple priorities
Certifications
qualified lawyer (UK or EU)