Key skills
CloudCyber SecurityAILLMSaaSLeadershipCommunicationSales
About this role
Role Overview
- Advise business teams (including marketing, sales, IT, and operations) regarding compliance with privacy, AI, and related laws and work collaboratively with the Group Privacy Office peers to provide advice for projects with both regional and global scope
- Perform vendor and third-party privacy risk assessments, particularly for cloud providers, data center partners, and managed service vendors
- Support cross-border data transfer assessments, including SCCs, TIAs, and adequacy mechanisms
- Provide clear, practical, pragmatic, guidance in a multicultural environment, balancing regulatory expectations with business realities
- Efficiently advise on data protection terms in agreements including license, vendor, SaaS, technology, master services, confidentiality and other agreements
- Support product development by advising on privacy-by-design and privacy-by-default principles, balancing regulatory requirements with business goals and partner/customer expectations
- Draft, update, and maintain internal and external privacy documentation, including DPIA templates, guidance materials, FAQs, and communication assets. Perform privacy impact assessments, responsible AI assessments, and other governance tasks, and contribute to the maintenance of records of processing and the satisfaction of privacy-by-design and privacy-by-default requirements
- Advise sales and marketing teams on compliance implications of various marketing initiatives including online advertising, behavioral advertising, social networking, email, SMS/text, and other consumer-facing communications
- Work closely with Information Security, Data Governance, Risk, and Audit teams to identify and mitigate data protection compliance risks including issue-spotting and advising related to cybersecurity and data incidents
- Support the privacy aspects of data breach and incident response, including regulatory notifications within EU timelines
Requirements
- LLM or J.D. degree or equivalent degree with strong academic performance
- at least 6 years of hands-on experience in privacy, data protection, or related compliance roles preferably within a technology-driven and/or international environment.
- Strong, demonstrable knowledge of European data protection laws and global privacy regulations (e.g., UK GDPR, Swiss FADP, CCPA)
- Demonstrable expertise on US privacy legislation Experience interpreting regulatory guidance and drafting relevant privacy notices, policies, and procedures
- Hands-on experience with DPIAs, RoPAs, vendor assessments, and data transfer mechanisms
- Experience advising corporate clients regarding compliance matters
- Experience negotiating and drafting contracts
- Ability to work independently, exercise sound judgment, and make decisions within established guidelines and risk frameworks
- Excellent oral and written communication skills
- Strong problem-solving and issue-resolution capabilities
- Ability to work collaboratively with business partners across levels and show leadership on complex, high priority issues
- Ability to translate complex privacy and regulatory concepts into clear, business-friendly language and apply them to a complex technical environment
Tech Stack
- Cloud
- Cyber Security
Benefits
- Competitive compensation
- Career growth and learning opportunities
- Flexibility and ownership
- Collaborative and innovative culture
- Opportunity to work on impactful AI projects
- International environment and talented teams