About the role:

• Location: Remote-first (United States; BC & ON, Canada; United Kingdom)
• Full-time
• The cash compensation for this role is tailored to align with the cost of labor in different geographic markets. We've structured the base pay ranges for this role into zones for our geographic markets, and the specific base pay within the range will be determined by the candidate’s geographic location, job-related experience, knowledge, qualifications, and skills.
• United States (all figures cited below are in USD and pertain to workers in the United States)
• Zone A: [$240,000 - $300,000]
• Zone B: [$225,600 - $282,000]
• Zone C: [$211,200 - $264,000]

This role is also eligible to participate in Webflow's company-wide bonus program. Target amounts are a percentage of base salary and vary by career level. Payouts are based on company performance against established financial and operational goals.

Please visit our Careers page for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.

Please visit our Careers page for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.

• Application Information:
• Application deadline: applications accepted on an ongoing basis until position is closed and filled
• This posting is for a new position
• Reporting to the Chief Legal Officer

As an Associate General Counsel, Privacy & Product, you’ll:

• Lead Webflow’s global privacy and product legal strategy, including privacy policies, data handling practices, compliance programs, trainings, documentation, and scalable legal processes.
• Manage and develop a team of privacy and product counsel, setting priorities, balancing workload, and building a high-trust, high-output legal function.
• Partner closely with Product and Engineering to embed privacy-by-design principles into the product development lifecycle and advise on new features, platform capabilities, product terms, and go-to-market strategies.
• Advise on AI-powered features and emerging technologies, including model training data, output liability, responsible AI governance, third-party AI tools, and the intersection of AI, IP, and privacy law.
• Lead privacy reviews, PIAs/DPIAs, data subject request processes, law enforcement request processes, privacy hygiene assessments, and cross-functional risk mitigation efforts with Security, Engineering, and Operations.
• Draft, review, and negotiate privacy-related agreements and terms, including DPAs, while providing privacy expertise across commercial deals, strategic partnerships, and M&A diligence.
• Monitor and interpret evolving global privacy and AI regulations, translating complex legal requirements into practical guidance that helps teams move quickly while managing risk.

About you:

Requirements:

• J.D. from an accredited law school and at least one active U.S. state bar membership.
• 10+ years of relevant legal experience, including at least 3 years in-house at a technology company.
• Demonstrated experience managing, developing, and scaling legal teams.
• Deep expertise in global privacy law, including GDPR, CCPA/CPRA, and related privacy frameworks.
• Hands-on experience building and operating privacy compliance programs in a technology environment.
• Significant privacy and product counseling experience in a technology company.

You’ll thrive as an Associate General Counsel, Privacy & Product if you:

• Are a practical, business-minded legal leader who helps teams move quickly while making smart, informed risk decisions.
• Build strong relationships with Product, Engineering, Security, GTM, and executive stakeholders by translating complex legal concepts into clear, actionable guidance.
• Have experience advising on AI, ML, or emerging technology products and are comfortable navigating ambiguity in fast-moving technical environments.
• Are both strategic and hands-on. Comfortable both setting legal strategy, developing talent, building scalable programs, and reviewing a DPA redline when needed.
• Stay current on global privacy and AI regulations; CIPP/US and/or CIPP/E certifications are preferred but not required.
• Bring genuine enthusiasm for Webflow’s mission and a collaborative approach to legal work — operating as a trusted partner, not a blocker.
• Stay curious and open to growth — demonstrating a proactive embrace of AI, and actively building and applying fluency in emerging technologies to elevate how we work, drive faster outcomes, and expand collective impact.

Our Core Behaviors:

• Build lasting customer trust. We build trust by taking action that puts customer trust first.
• Win together. We play to win, and we win as one team. Success at Webflow isn't a solo act.
• Reinvent ourselves. We don't just improve what exists, we imagine what's possible.
• Deliver with speed, quality, and craft. We move fast because the moment demands it, and we do so without lowering the bar.

Benefits

• Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company.
• Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums.
• Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions.
• Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired.
• Wellness for the whole you. Access to mental health resources, therapy and coaching.
• Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally.
• Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts.
• Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program.

Temporary employees may be eligible for paid holiday and time off, statutory leaves of absence, and company-sponsored medical benefits depending on their Fixed Term Contract and their country/state of employment.

Be you, with us

At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity (EEO)/Veterans/Disabled Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law. Pursuant to the San Francisco Fair Chance Ordinance, Webflow will consider for employment qualified applicants with arrest and conviction records.

Stay connected

Not ready to apply, but want to be part of the Webflow community? Consider following our story on our Webflow Blog, LinkedIn, X (Twitter), and/or Glassdoor.

Please note:

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Upon interview scheduling, instructions for confidential accommodation requests will be administered.

To join Webflow, you'll need a valid right to work authorization depending on the country of employment.

If you are extended an offer, that offer may be contingent upon your successful completion of a background check, which will be conducted in accordance with applicable laws. We may obtain one or more background screening reports about you, solely for employment purposes.

For information about how Webflow processes your personal information, please review Webflow’s Applicant Privacy Notice.

About the role:

• Location: Remote-first (United States; BC & ON, Canada; United Kingdom)
• Full-time
• The cash compensation for this role is tailored to align with the cost of labor in different geographic markets. We've structured the base pay ranges for this role into zones for our geographic markets, and the specific base pay within the range will be determined by the candidate’s geographic location, job-related experience, knowledge, qualifications, and skills.
• United States (all figures cited below are in USD and pertain to workers in the United States)
• Zone A: [$240,000 - $300,000]
• Zone B: [$225,600 - $282,000]
• Zone C: [$211,200 - $264,000]

This role is also eligible to participate in Webflow's company-wide bonus program. Target amounts are a percentage of base salary and vary by career level. Payouts are based on company performance against established financial and operational goals.

Please visit our Careers page for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.

Please visit our Careers page for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.

• Application Information:
• Application deadline: applications accepted on an ongoing basis until position is closed and filled
• This posting is for a new position
• Reporting to the Chief Legal Officer

As an Associate General Counsel, Privacy & Product, you’ll:

• Lead Webflow’s global privacy and product legal strategy, including privacy policies, data handling practices, compliance programs, trainings, documentation, and scalable legal processes.
• Manage and develop a team of privacy and product counsel, setting priorities, balancing workload, and building a high-trust, high-output legal function.
• Partner closely with Product and Engineering to embed privacy-by-design principles into the product development lifecycle and advise on new features, platform capabilities, product terms, and go-to-market strategies.
• Advise on AI-powered features and emerging technologies, including model training data, output liability, responsible AI governance, third-party AI tools, and the intersection of AI, IP, and privacy law.
• Lead privacy reviews, PIAs/DPIAs, data subject request processes, law enforcement request processes, privacy hygiene assessments, and cross-functional risk mitigation efforts with Security, Engineering, and Operations.
• Draft, review, and negotiate privacy-related agreements and terms, including DPAs, while providing privacy expertise across commercial deals, strategic partnerships, and M&A diligence.
• Monitor and interpret evolving global privacy and AI regulations, translating complex legal requirements into practical guidance that helps teams move quickly while managing risk.

About you:

Requirements:

• J.D. from an accredited law school and at least one active U.S. state bar membership.
• 10+ years of relevant legal experience, including at least 3 years in-house at a technology company.
• Demonstrated experience managing, developing, and scaling legal teams.
• Deep expertise in global privacy law, including GDPR, CCPA/CPRA, and related privacy frameworks.
• Hands-on experience building and operating privacy compliance programs in a technology environment.
• Significant privacy and product counseling experience in a technology company.

You’ll thrive as an Associate General Counsel, Privacy & Product if you:

• Are a practical, business-minded legal leader who helps teams move quickly while making smart, informed risk decisions.
• Build strong relationships with Product, Engineering, Security, GTM, and executive stakeholders by translating complex legal concepts into clear, actionable guidance.
• Have experience advising on AI, ML, or emerging technology products and are comfortable navigating ambiguity in fast-moving technical environments.
• Are both strategic and hands-on. Comfortable both setting legal strategy, developing talent, building scalable programs, and reviewing a DPA redline when needed.
• Stay current on global privacy and AI regulations; CIPP/US and/or CIPP/E certifications are preferred but not required.
• Bring genuine enthusiasm for Webflow’s mission and a collaborative approach to legal work — operating as a trusted partner, not a blocker.
• Stay curious and open to growth — demonstrating a proactive embrace of AI, and actively building and applying fluency in emerging technologies to elevate how we work, drive faster outcomes, and expand collective impact.

Our Core Behaviors:

• Build lasting customer trust. We build trust by taking action that puts customer trust first.
• Win together. We play to win, and we win as one team. Success at Webflow isn't a solo act.
• Reinvent ourselves. We don't just improve what exists, we imagine what's possible.
• Deliver with speed, quality, and craft. We move fast because the moment demands it, and we do so without lowering the bar.

Benefits

• Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company.
• Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums.
• Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions.
• Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired.
• Wellness for the whole you. Access to mental health resources, therapy and coaching.
• Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally.
• Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts.
• Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program.

Temporary employees may be eligible for paid holiday and time off, statutory leaves of absence, and company-sponsored medical benefits depending on their Fixed Term Contract and their country/state of employment.

Be you, with us

At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity (EEO)/Veterans/Disabled Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law. Pursuant to the San Francisco Fair Chance Ordinance, Webflow will consider for employment qualified applicants with arrest and conviction records.

Stay connected

Not ready to apply, but want to be part of the Webflow community? Consider following our story on our Webflow Blog, LinkedIn, X (Twitter), and/or Glassdoor.

Please note:

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Upon interview scheduling, instructions for confidential accommodation requests will be administered.

To join Webflow, you'll need a valid right to work authorization depending on the country of employment.

If you are extended an offer, that offer may be contingent upon your successful completion of a background check, which will be conducted in accordance with applicable laws. We may obtain one or more background screening reports about you, solely for employment purposes.

For information about how Webflow processes your personal information, please review Webflow’s Applicant Privacy Notice.

At Amartha, we empower micro-businesses across Indonesia, enabling growth and equal prosperity. We've supported over 2.7 million entrepreneurs—mostly women—by disbursing IDR 22.8 trillion in funding. As we step into 2025, Amartha is evolving into a technology-driven financial ecosystem, expanding our reach in lending, funding, and payments. Through innovation and digital solutions, we aim to enhance accessibility, streamline processes, and create a seamless user experience.

About The Role

The Senior IT GRC and Data Privacy Analyst plays a crucial role in Amartha. You will be the warrior who will spearhead various IT GRC and Data Privacy programs to protect Amartha from internal and external threats, including monitoring and managing compliance with ISO 27001, POJK, PSrE, PDP, and other applicable regulations.

Responsibilities

GRC Framework Development and Maintenance:

• Develop, implement, and maintain a comprehensive GRC framework that aligns with industry best practices and regulatory requirements.
• Conduct regular risk assessments to identify potential threats and vulnerabilities.
• Develop and implement risk mitigation strategies and action plans.
• Monitor and report on compliance with internal policies and external regulations.

Data Privacy Compliance:

• Ensure compliance with applicable data privacy regulations and data protection laws.
• Conduct data privacy impact assessments (DPIAs) for new projects or initiatives.
• Develop and implement data privacy policies and procedures.
• Manage data breaches and incidents, including notification processes and remediation activities.

Vendor Management:

• Assess the security and privacy practices of third-party vendors and suppliers.
• Negotiate and manage vendor contracts to ensure compliance with security and privacy requirements.

Regulatory Compliance:

• Stay up-to-date with evolving regulatory requirements and industry best practices.
• Provide guidance and support to the organization in meeting compliance obligations.

Identity and Access Management (IAM):

• Develop and maintain IAM policies, standards, and procedures.
• Implement and manage IAM systems and tools (e.g., identity provisioning, access control, single sign-on).
• Ensure the effective administration of user accounts and privileges.
• Conduct regular IAM audits and reviews to identify and address security gaps.
• Manage access certifications and segregation of duties controls.

Requirements

• 5+ years of related job experience
• Strong analytical and interpersonal skills
• Excellent communication both in written and spoken (English)
• Ability to express information clearly at different organizational levels
• Strong understanding of industry standards such as ISO 27001, NIST Cybersecurity Framework, GDPR, UU PDP
• Experience in the financial services industry (esp. Microfinance, Payments, etc)
• Having relevant certification are preferable (e.g.  CRISC, CIPP, etc)
• Experience with IAM technologies and frameworks (e.g., Active Directory, LDAP, OAuth, SAML)

About the Role

What You'll Do

Summary

This position is in the FTC, Bureau of Consumer Protection. The Bureau works to protect consumers against unfair or deceptive acts or practices in the marketplace. It conducts investigations, sues companies and people who violate the law, develops rules to protect consumers, and educates consumers and businesses about their rights. The Bureau also collects complaints about fraud, unfair practices, and identity theft and makes them available to law enforcement agencies across the country.

Duties

The Deputy Director for Consumer Privacy (DDCP) of BCP shares in the management of one of the major operating components of the FTC and has responsibility for the investigation, prosecution, policymaking, rulemaking, and compliance functions involved in consumer privacy protection, particularly protecting kids online; for encouraging the business community's compliance with consumer protection laws; and for providing guidance and oversight to the Commission's Divisions and Regional Offices with respect to consumer protection activities. The incumbent also serves as a liaison to the Office of International Affairs (OIA), the Office of Congressional Relations (OCR), and the Office of Policy Planning (OPP) to ensure coordinated and efficient consumer privacy protection policy and enforcement across the agency. Additionally, the incumbent serves as one of six deputy directors assigned to coordinate and oversee the work of BCP Divisions and Regions as appropriate. The Deputy Director for Consumer Privacy is a key member of the Bureau's management team and is delegated to act for the Bureau Director in interpreting and carrying out the Commission's objectives in the broad area of consumer protection, with a focus on consumer privacy protection across Divisions, Regions, and other agency organizations such as OIA, OCR, and OPP. In fulfilling these responsibilities, the DDCP shares with the Director responsibility for establishing consumer privacy policy, particularly protecting kids online, overseeing program direction related to consumer privacy protection, and providing the necessary leadership and strategic planning regarding the Bureau's role in the consumer privacy protection mission. In exercising important policy functions, the incumbent reviews policy recommendations that affect BCP's and the FTC's mission; considers political, social, economic, technical, and administrative factors that may potentially impact recommended policies; and formally recommends action to the approving official. The DDCP, together with subordinate managers and supervisors, serves as a primary link between the Bureau and the Commission, with the incumbent having full signatory authority for all consumer protection matters forwarded. The Deputy Director for Consumer Privacy is a primary factor in ensuring that overall, Bureau resources are used and applied in the most effective manner consistent with resources and budget determinations for consumer protection activities. The incumbent, focusing primarily on consume privacy and protecting kids online, collaborates and shares responsibility in working together with the Bureau Director, Associate Directors, and Regional Directors in planning, organizing, coordinating and evaluating the work of a very large staff of attorneys, investigators, paralegals, other professionals, and supporting technical and administrative personnel. Attorneys assigned to the Bureau determine the theories and plans for investigations in assigned cases and perform the investigative and legal work required, including preparing briefing materials, drafting complaints, negotiating settlements, presenting cases before federal district court judges, and assuring compliance with Commission orders.

Job Requirements

Qualifications

QUALIFICATIONS: Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution. Candidates will not be hired based on their race, sex, color, religion, or national origin. To meet the minimum qualification requirements for this position, you must show that you possess the Executive Core Qualifications (ECQ) and Technical Qualifications (TQ) related to this position within your resume - NOT TO EXCEED 2 PAGES. Resumes over the 2-page limit, will not be reviewed beyond page 2 or may be disqualified. Your resume should include examples of experience, education, and accomplishments applicable to the qualification(s). If your resume does not reflect demonstrated evidence of these qualifications, you may not receive consideration for the position. There is NO requirement to prepare a narrative statement specifically addressing the Executive Core Qualifications (ECQs) or the Technical Qualifications (TQs). TECHNICAL QUALIFICATIONS (TQs): Your resume should demonstrate accomplishments that would satisfy the technical qualifications. TQ 1: Demonstrated knowledge and experience involving the application of the Federal Trade Commission Act and a wide range of statutes, including the Children's Online Privacy Protection Act and its implementing regulations, the TAKE IT DOWN Act, the Fair Credit Reporting Act (FCRA), the Protecting Americans' Data from Foreign Adversaries Act of 2024 (PADFAA), and the Gramm-Leach-Bliley Act and its implementing regulations, including the FTC Safeguards Rule and the Privacy Rule. TQ 2: Demonstrated executive-level experience managing all aspects of litigation, including analyzing complex legal issues and questions of litigation strategy, reviewing pleadings and memoranda, and supervising and reviewing the work of attorneys and other staff. EXECUTIVE CORE QUALIFICATIONS (ECQs): In addition to the Technical Qualification Requirements listed above, all new entrants into the Senior Executive Service (SES) under a career appointment will be assessed for executive competency against the following five mandatory ECQs. If your 2-page resume does not reflect demonstrated evidence of the ECQs and TQs, you may not receive further consideration for the position. ECQ 1: Commitment to the Rule of Law and the Principles of the American Founding - This core qualification requires a demonstrated knowledge of the American system of government, commitment to uphold the Constitution and the rule of law, and commitment to serve the American people. ECQ 2: Driving Efficiency - This core qualification involves the demonstrated ability to strategically and efficiently manage resources, budget effectively, cut wasteful spending, and pursue efficiency through process and technological upgrades. ECQ 3: Merit and Competence - This core qualification involves the demonstrated knowledge, ability and technical competence to effectively and reliably produce work that is of exceptional quality. ECQ 4: Leading People - This core qualification involves the demonstrated ability to lead and inspire a group toward meeting the organization's vision, mission, and goals, and to drive a high-performance, high-accountability culture. This includes, when necessary, the ability to lead people through change and to hold individuals accountable. ECQ 5: Achieving Results - This core qualification involves the demonstrated ability to achieve both individual and organizational results, and to align results to stated goals from superiors. Note: If you are a member of the SES or have been certified through successful participation in an OPM approved SES Candidate Development Program (SESCDP), or have SES reinstatement eligibility, you do not need to respond to the ECQs. Instead, you should attach proof (e.g., SF-50, Certification by OPM's SES Qualifications Review Board (QRB)) of your eligibility for noncompetitive appointment to the SES.

Education

You must possess a J.D. or L.L.B. degree from an accredited law school. If you are qualifying for this position by substituting education or training for experience, submit a copy of your transcripts or equivalent. An official transcript will be required if you are selected. A college or university degree generally must be from an accredited (or pre-accredited) college or university recognized by the U.S. Department of Education. For a list of schools which meet these criteria, please refer to Department of Education Accreditation page. Foreign Education: If you are using education completed in foreign colleges or universities to meet the qualification requirements, you must show the education credentials have been evaluated by a private organization that specializes in interpretation of foreign education programs and such education has been deemed equivalent to that gained in an accredited U.S. education program; or full credit has been given for the courses at a U.S. accredited college or university. If you are qualifying based on foreign education, you must submit proof of creditability of education as evaluated by a credentialing agency. For further information, visit: Recognition of Foreign Qualifications | International Affairs Office (ed.gov)

Your Impact

As a technical member on the Privacy team, you will build software to support Axon privacy mission. You will be intimately involved in the architecture decisions that will shape privacy tools and services. You live and breathe cloud services that require high availability and fast, consistent performance. You love working with the latest privacy enhancing technologies, and can leverage your system design skills to make the right technical decisions on a system that needs to be bullet-proof.
Not only can you drive decisions among competing engineering trade-offs, your empathy with customers allows you to intuit innovative solutions for our customer problems. You will be working closely with product managers and designers to ensure we are building the right solution for our customers.

Join us to work with a passionate, mission-driven group of folks who want to positively impact the lives of first responders and those that they serve.

What You’ll Do

Location: This role is based out of our Seattle, WA Office and follows a hybrid schedule. We rely on in-person collaboration and ask that team members work onsite Tuesdays through Fridays, with the flexibility to work remotely on Mondays, unless there is an approved workplace accommodation. We believe that connection fuels innovation, and our in-office culture is designed to foster meaningful teamwork, mentorship, and shared success.
Reports to: Head of Privacy
Direct Reports: none

• Design, build, and maintain back-end systems and services that power privacy and data compliance across Axon ecosystem, such as tools that enable other teams to automate tasks involving managing and protecting customer data.
• Participate in, or lead design reviews with peers and stakeholders to decide amongst available technologies.
• Triage product or system issues and debug/track/resolve by analyzing the sources of issues and the impact on hardware, network, or service operations and quality.
• Work with the latest open source technologies

What You Bring

• Bachelor's Degree in Computer Science, Engineering, or related field
• 2-4 years of professional software development experience
• Experience designing and delivering highly-available, scalable cloud-based systems on Azure or other public cloud infrastructure
• Experience developing and working with AI tooling
• Experience with the areas below:
  • Experience building data pipelines
  • Experience integrating 3rd party solutions to internal systems and services
  • Experience with system to system communication implementation, high-scale microservices, Kubernetes, service orchestration/inter-service authentication, CI/CD pipelines setup and tune up
  • Design, implement, and tune robust APIs and API framework related features that perform and scale in a multi-tenant environment
  • Backend service experience in multiple languages such as Go or Python, or similar
  • Experience working with SQL or NoSQL data stores
• Preferred Qualifications:
  • Experience in the public sector, in particular with law enforcement agencies and judicial bodies
  • Exposure working with CJIS data or working with law enforcement data internationally

Benefits that Benefit You

• Competitive salary and 401k with employer match
• Discretionary paid time off
• Paid parental leave for all
• Medical, Dental, Vision plans
• Fitness Programs
• Emotional & Mental Wellness support
• Learning & Development programs
• Employee Resource Groups (ERGs)
• And yes, we have snacks in our offices

Benefits listed herein may vary depending on the nature of your employment and the location where you work.

Discord's Privacy team handles the user-facing side of privacy at scale — processing complaints, supporting investigations, and preparing materials that feed into regulatory engagements. In this role, you'll work from established playbooks to manage a steady volume of incoming privacy requests, support the team's investigation workflows, and serve as an escalation point for the BPO contractors who handle initial queue triage. You'll report to our Senior Manager, Privacy and work closely with a privacy contractor and the DPO on the team's day-to-day operations.

This is a high-execution role. You don't need to be a privacy expert, but you do need to be organized, detail-oriented, and comfortable managing a consistent volume of case work — including some that supports engagements with regulators.

This is a 5-month temporary position.

What You'll Be Doing

• Handle privacy complaints submitted by users, working from established intake and response workflows.
• Support investigations into user claims by gathering relevant account information, summarizing findings, and preparing documentation for escalation to senior team members or outside counsel.
• Serve as the escalation point for BPO contractors handling initial queue triage, reviewing flagged items and determining next steps.
• Assist in preparing supporting materials for regulatory inquiries and responses to data protection authorities.
• Maintain queue tracking and case documentation so the broader team has clear visibility into status and volume.
• Flag patterns or emerging issues to the Senior Privacy Analyst for review.

What You Should Have

• 1.5+ years of experience in trust and safety, legal response, privacy operations, or a similar high-volume case-handling role.
• Strong ability to follow established playbooks and apply consistent judgment across a high volume of similar requests.
• Clear, concise written communication — your escalations should give the person receiving them exactly what they need, no more.
• Comfort working independently on well-defined workflows while knowing when to flag something that needs a second set of eyes.
• Strong attention to detail and written communication skills.
• Strong ability to handle sensitive user data and complaints in a professional and discreet manner.

Bonus Points

• Familiarity with GDPR, CCPA, or other data protection frameworks at a conceptual level.
• Prior experience supporting regulatory response workstreams or working alongside legal or compliance teams.
• Experience working with or overseeing BPO/contractor teams in a queue management context.

This position is US-based and can be remote, but if you live in the Bay Area, you’re welcome to work from our beautiful SF office.

The US base salary range for this temporary full-time position is $116,000 to $130,500 + benefits. Our salary ranges are determined by role and level. Within the range, individual pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include benefits.

#LI-Remote

About the role

Anthropic's Integrity & Compliance (I&C) function is building the systems that let us scale responsibly as our products reach more people, more enterprises, and more regulated industries. Our global compliance program is bespoke, reflecting our unique mission and position as one of the leading AI labs operating on the frontier.

Within Integrity & Compliance, the Privacy Programs pillar owns how we operationalize privacy across the company — from how we handle personal data in our products and research, to how we meet our obligations under the GDPR, CCPA, and the growing patchwork of global privacy law. We work closely with our Privacy Legal team on all privacy related matters.

We're hiring a Privacy Governance Lead to own the governance backbone of that work. You'll set the strategy for how privacy governance operates at Anthropic, define the policies and controls that translate privacy principles into operating practice, and help manage the relationship with internal and external stakeholders who depend on that framework holding up under scrutiny.

This is a foundational role with significant scope. You'll be shaping a privacy governance function from a relatively early stage, with the autonomy to set the standard and the mandate to drive cross-functional change. You'll partner closely with Privacy Legal, Security, Product, Research, and the wider I&C team, and you'll contribute directly to reporting that reaches the Audit Committee and boards. You'll report to the Head of Integrity & Compliance.

Key responsibilities

• Set the strategy and roadmap for Anthropic's privacy governance framework, including the policies, standards, and internal controls that map to GDPR, CCPA/CPRA, and other applicable global privacy regimes

• Own the privacy documentation lifecycle end-to-end — Data Protection Impact Assessments, Records of Processing, Transfer Impact Assessments, and other accountability artifacts — including the methodology, the tooling, and the quality bar

• Establish governance forums and approval workflows for privacy-significant product, research, and vendor decisions, and chair the forums where novel or high-risk questions are resolved

• Own the privacy controls testing program: define what "good" looks like, set the testing cadence, and present results to the Head of Integrity & Compliance and other leadership forums

• Partner with Privacy Legal to anticipate emerging privacy law and translate new obligations into concrete control changes ahead of enforcement

• In partnership with Legal, co-lead privacy regulator engagement on governance matters, including responses to inquiries, audits, and complaints

• Oversee the management of inputs for regulatory responses with the Privacy Program pillar

• Drive privacy training and awareness strategy for engineering, product, research, and go-to-market teams, calibrated to the actual decisions those teams make

• Represent the privacy governance function in Internal Audit reporting, and in cross-functional risk and compliance forums

• Build and develop the privacy governance team over time

Minimum qualifications

• Deep working knowledge of GDPR and at least one major US state privacy regime (CCPA/CPRA, or equivalent), including how their requirements translate into operational controls at scale

• Demonstrated track record building, scaling, or transforming a privacy governance program end-to-end — policies, DPIAs, ROPAs, controls libraries, governance forums, and the operating model that supports them

• Strong written communication, with the ability to produce clear policies, board-ready reporting, and practical guidance that engineering and product teams will actually use

• Comfort owning hard cross-functional decisions and operating across legal, technical, and operational boundaries

• A privacy certification such as CIPP/E, CIPP/US, or CIPM, or equivalent demonstrated expertise

Preferred qualifications

• Senior privacy governance leadership experience at a technology company operating under multiple privacy regimes simultaneously, ideally including one with novel data processing (AI/ML, large-scale platforms, or similar)

• Direct experience engaging privacy regulators, particularly EU data protection authorities or the Irish DPC, on governance matters such as inquiries, audits, or complaints

• Familiarity with AI-specific privacy considerations: training data governance, model memorization, output filtering, and the intersection with emerging AI regulation

• Experience standing up governance functions in a high-growth environment, including building from a blank page

• Demonstrated experience presenting to Audit Committees, boards, or equivalent senior governance bodies on privacy matters

• Background that bridges privacy and broader compliance disciplines (security, regulatory, ABAC, enterprise risk management)

Role-specific policy: For this role, we expect staff to be able to work from our Dublin office at least 3 days a week, though we encourage you to apply even if you might need some flexibility for an interim period of time.

About the Role 

Responsibilities

• Own Privacy Request Handling: Manage and resolve user-initiated DSARs, data deletion requests, and other privacy-related inquiries end-to-end — from identity verification and data validation to case documentation and escalation to Match Group Privacy when required

• Ensure Regulatory Compliance: Process requests in alignment with global privacy regulations including GDPR, Brazil LGPD, and CCPA/CPRA, monitoring deadlines and maintaining consistent handling standards to mitigate legal, regulatory, and reputational risk

• Drive Cross-Functional Collaboration: Partner closely with Privacy, Legal, Data Engineering, and Security teams to investigate and resolve complex requests, escalating cases involving potential security breaches or regulatory complaints as needed

• Maintain Queue & Risk Management: Manage incoming DPS tickets while maintaining SLA compliance, prioritizing high-risk requests, and proactively flagging risks or backlogs to leadership

• Improve Operations at Scale: Identify opportunities to streamline workflows, improve tooling, and automate processes — while maintaining and updating internal knowledge bases and procedural documentation

• Contribute to Organizational Insight: Develop deep knowledge of internal data pipelines, privacy policies, and safety systems, and provide leadership with operational insights on trends, emerging risks, and process improvements

What We're Looking For

• 2+ years of experience in a user-facing role in privacy operations, trust & safety, risk operations, compliance, or data governance
• Familiarity with global privacy regulations including GDPR, LGPD, and CCPA/CPRA
• Experience handling sensitive or high-risk user requests with strong attention to detail
• Strong analytical and investigative skills with the ability to work cross-functionally with technical and legal stakeholders
• Excellent written communication and documentation skills
• Nice to have: Experience processing DSARs or regulatory privacy requests; familiarity with data systems or data retrieval workflows; background in Trust & Safety, customer escalations, or compliance operations; experience in a global technology or platform environment

Job Mission / Objective:

The Data Privacy Officer is responsible for establishing, implementing, and maintaining the organization’s data privacy framework. This role ensures compliance with applicable data protection laws and regulations while bridging the gap between technical data handling practices and legal/regulatory requirements. The DPO acts as a strategic advisor on privacy risks, governance, and compliance across the business.

Impact on Business Results:

• Reduces regulatory fines and legal exposure through compliance with POPIA and GDPR
• Protects bank reputation and strengthens customer trust by safeguarding personal data
• Enables faster, compliant product launches by embedding privacy-by-design
• Improves operational efficiency by reducing incidents, rework, and audit findings

Requirements

Data Privacy Governance & Compliance:

• Develop, implement, and oversee the organization’s data privacy strategy and policies.
• Ensure compliance with applicable data protection laws (e.g., POPIA, GDPR, and other relevant regulations).
• Maintain and update privacy frameworks, standards, and procedures.
• Monitor regulatory changes and advise the business on implications.

Legal Advisory & Risk Management:

• Provide legal guidance on data protection obligations, contracts, and data-sharing agreements.
• Conduct privacy impact assessments (PIAs/DPIAs) and risk assessments.
• Advise on cross-border data transfers and third-party data processing risks.
• Support legal teams in managing data breaches, investigations, and regulatory inquiries.

Data Protection Operations:

• Oversee data mapping, classification, and records of processing activities.
• Ensure appropriate data retention and deletion practices are in place.
• Collaborate with IT and Security teams to ensure privacy-by-design and privacy-by default principles.
• Review and approve data protection controls in systems and projects.

Stakeholder Engagement:

• Act as the primary point of contact for regulators, auditors, and internal stakeholders on privacy matters.
• Liaise between Legal, IT, Compliance, Risk, and Business Units.
• Provide expert input into business initiatives involving personal data.

Training Awareness:

• Develop and deliver privacy training and awareness programs across the organization.
• Promote a culture of data protection and ethical data use.

Incident and Breach Management:

• Lead response to data breaches and privacy incidents.
• Ensure timely reporting to regulators and affected parties where required.
• Maintain incident logs and implement corrective actions.

Policies and Procedures:

• Develop, implement, and maintain data privacy policies, standards, and SOPs
• Ensure adherence to internal governance frameworks and regulatory requirements (e.g., POPIA)
• Oversee data classification, retention, access control, and breach response procedures
• Regularly review, update, and embed policies through audits, training, and controls

People Management:

• Drive training and awareness programs to build a privacy-first culture across the bank
• Collaborate and influence senior stakeholders across Legal, IT, Risk, and Business Units
• Set clear objectives, monitor performance, and ensure accountability within the team

Academic Requirement:

• Bachelor’s degree in Law, Information Technology, or related field (LLB preferred for Legal alignment).
• Postgraduate qualification or certification in Data Privacy (e.g., CIPP/E, CIPM) is advantageous.

Work Experience:

• 5–10+ years’ experience in data privacy, legal compliance, or information security.
• Proven experience transitioning or working across IT and Legal functions is highly desirable.

Benefits

• Pension Fund
• Work From Home
• Training & Development

Summary

The facility Privacy/FOIA Officer has oversight for the data governance program and initiatives in the VA Palo Alto Health Care System and its supporting catchment area. The position makes unique facility-level determinations about disclosures, issuance of denials, redactions, access, use and dissemination of federal agency records. The position formulates policy, ensures compliance with federal and state laws and conducts thorough research of federal implementing regulations.

Duties

Duties include, but may not be limited to the following: Implements unique policies and procedures to manage agency information, providing assistance and services to the general public and an organization, agency or facility staff members; Supports developing a local level strategy for data governance, which includes leading from the executive office and creating a unique program that includes diverse processes and specific policies which are independent of other facilities; Monitors and covers all aspects of the collection, use, dissemination, disclosure and destruction of information within an organization, agency or facility; Develops and integrates policy based processes, roles and controls that influences how data is created, collected, used, stored and destroyed throughout the organization; Adjudicates complex privacy and FOIA decisions that affect employees, customers and commercial businesses in the absence of supervision; Performs in-depth legal research that pertains to both federal and state statutes to render expertise, provide solutions and facilitate corrective action; Safeguards information while supporting accountability and transparency initiatives; Analyzes all of the interrelated issues that affect the privacy/FOIA program and plans and conducts monitoring activities which measure the overall level of operational compliance by the facility; Teaches and trains employees on general data protection procedures and detailed service specific practices for daily operations and uses technology to provide required privacy/FOIA training and supplemental education; Performs assessment of privacy-related risks associated with business activities that involve processing of personal and sensitive data; Investigates non-compliance of privacy related issues at all levels of an organization, agency or facility and outside of these entities when information is involved; Strengthens and sustains the operational life cycle of the privacy/FOIA program by developing a communication strategy that fosters awareness for both internal and external partners to improve compliance, provide training and engage the public. Performs other related duties as assigned. Work Schedule: Full-Time, 8:00am-4:30pm Monday-Friday Telework: Not Available Virtual: This is not a virtual position. Position Description/PD#: Government Information Special (Privacy/FOIA Officer)/PD99538S and PD99843S Relocation/Recruitment Incentives: Not Authorized

Job Requirements

You must be a U.S. Citizen to apply for this job Selective Service Registration is required for males born after 12/31/1959 Subject to background/security investigation Selected applicants will be required to complete an online onboarding process. Acceptable form(s) of identification will be required to complete pre-employment requirements (https://www.uscis.gov/i-9-central/form-i-9-acceptable-documents). Effective May 7, 2025, driver's licenses or state-issued dentification cards that are not REAL ID compliant cannot be utilized as an acceptable form of identification for employment. Participation in the seasonal influenza vaccination program is a requirement for all Department of Veterans Affairs Health Care Personnel (HCP) As a condition of employment for accepting this position, you will be required to serve a 1-year probationary period or 2-year trial period during which we will evaluate your fitness and whether your continued employment advances the public interest. In determining if your employment advances the public interest, we may consider: your performance and conduct; the needs and interests of the agency; whether your continued employment would advance organizational goals of the agency or the Government; and whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period or trial period, your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest.

Qualifications

To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 05/11/2026. Time-In-Grade Requirement: Applicants who are current Federal employees and have held a GS grade any time in the past 52 weeks must also meet time-in-grade requirements by the closing date of this announcement. For a GS-11 position you must have served 52 weeks at the GS-09. For a GS-12 position you must have served 52 weeks at the GS-11. The grade may have been in any occupation, but must have been held in the Federal service. An SF-50 that shows your time-in-grade eligibility must be submitted with your application materials. If the most recent SF-50 has an effective date within the past year, it may not clearly demonstrate you possess one-year time-in-grade, as required by the announcement. In this instance, you must provide an additional SF-50 that clearly demonstrates one-year time-in-grade. Note: Time-In-Grade requirements also apply to former Federal employees applying for reinstatement as well as current employees applying for Veterans Employment Opportunities Act of 1998 (VEOA) appointment. GS-11 Experience: You must have at least one (1) full year of specialized experience equivalent to at least the next lower grade level (GS-9) in the Federal Service that equipped you with the particular knowledge, skills and abilities to successfully perform the duties of the position and that is typically in or related to the work of the position to be filled. Specialized experience includes: experience as a Privacy/FOIA officer working independently with little supervision, formulating policy, ensuring compliance with federal and state laws and conducts thorough research of implementing regulations and policies and procedures to manage agency/organization information; providing assistance and services to the general public, staff members and communicated information to the Executive leadership, facility staff and outside stakeholders, OR Education: Successful completion of a Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to such a degree or LL.M., if related, from an accredited college or university. Such education must be directly related to the work of the Government Information Specialist - Privacy/Freedom of Information Act Officer position and demonstrate the knowledge, skills, and abilities necessary to do the work. NOTE: Transcripts (unofficial or official) must be submitted with your application materials. Education cannot be credited without documentation, OR Combination: Equivalent combination of successfully completed graduate level education (beyond the second year) and specialized experience, as described above, which may be used to meet total experience requirements for this grade level. The education portion must include graduate courses directly related to the work of the Government Information Specialist - Privacy/Freedom of Information Act Officer position and demonstrate the knowledge, skills, and abilities necessary to do the work and must have been obtained in an accredited college or university. NOTE: Transcripts (unofficial or official) must be submitted with your application materials. Education cannot be credited without documentation. GS-12 One (1) year of specialized experience equivalent to the next lower grade (GS-12) in the Federal service, that equipped you with the particular knowledge, skills and abilities to successfully perform the duties of the position and that is typically in or related to the work of the position to be filled. Specialized experience includes: experience as a Privacy/FOIA officer working independently with little supervision, formulating policy, ensuring compliance with federal and state laws and conducts thorough research of implementing regulations and policies and procedures to manage agency/organization information; providing assistance and services to the general public, staff members and communicated information to the Executive leadership, facility staff and outside stakeholders. You will be rated on the following Competencies for this position: Communications External Awareness Manages and Organizes Information Security Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religions; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Note: A full year of work is considered to be 35-40 hours of work per week. Part-time experience will be credited on the basis of time actually spent in appropriate activities. Applicants wishing to receive credit for such experience must indicate clearly the nature of their duties and responsibilities in each position and the number of hours a week spent in such employment. Physical Requirements: The work is primarily sedentary. There will be episodes of moderate lifting or prolonged periods of standing and bending in searching various files. There is lifting and carrying of such items as record boxes and bulky files. The work involves considerable walking, standing and bending conducting rounds, auditing and providing training to both on-site and off-site personnel. There is also occasional lifting and carrying of such items as boxes and files, weighing up to 30 pounds. The work may be performed in an office setting with adequate light, heat, air conditioning and ventilation. Traveling off-station to VA outpatient clinics, contracted community-based clinics, business associate offices and between campuses to provide training and attend/conduct meetings is necessary. May require occasional travel. For more information on these qualification standards, please visit the United States Office of Personnel Management's website at https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/.

Education

A transcript must be submitted with your application if you are basing all or part of your qualifications on education. Note: Only education or degrees recognized by the U.S. Department of Education from accredited colleges, universities, schools, or institutions may be used to qualify for Federal employment. You can verify your education here: http://ope.ed.gov/accreditation/. If you are using foreign education to meet qualification requirements, you must send a Certificate of Foreign Equivalency with your transcript in order to receive credit for that education. For further information, visit: https://sites.ed.gov/international/recognition-of-foreign-qualifications/.

The Challenge

The Principal Consultant – Solution Lead role is a critical component of the OneTrust delivery architecture. Following the sales process, consultants become the primary customer contact responsible for building and maintaining the relationship, leading the implementation of the solution, and managing customer expectations throughout the engagement.

As a Principal Consultant – Solution Lead, individuals are expected to lead complex customer implementations while acting as trusted advisors across their assigned clouds or solution areas. This role requires balancing deep, hands-on delivery expertise with strategic guidance to ensure customers successfully adopt, realize value from, and scale OneTrust solutions.

Principal Consultants must be able to independently lead sophisticated engagements, influence customer decision-making, and elevate delivery quality across projects, while still maintaining direct accountability for the successful execution of implementations.

Your Mission

As a Principal Consultant – Solution Lead, you will be one of the most experienced and trusted consultants within Professional Services, responsible for leading solution design, ensuring delivery integrity, and driving customer value across complex implementations. This role is both strategic and hands-on, acting as a trusted advisor to customers and internal teams while guiding solution direction across engagements.

The Principal Consultant – Solution Lead brings deep functional and regulatory expertise to guide solution design, apply industry best practices, and drive successful customer outcomes. They stay current with industry trends, the competitive landscape, and evolving customer needs, contributing insights that help shape delivery approaches and the direction of the OneTrust platform.

You will work closely with Delivery Managers, Project Managers, and CX teams to ensure implementations are aligned to customer outcomes, industry best practices, and the long-term value of the OneTrust platform.

• Lead solution design and architecture for complex OneTrust implementations, ensuring alignment with customer business outcomes, industry best practices, and platform capabilities.

• Act as the solution authority across engagements, guiding functional and technical teams to ensure consistent, high-quality delivery.

• Build trusted relationships with strategic customers and act as a senior advisor throughout the implementation lifecycle.

• Analyse customer business processes and provide strategic recommendations and best practices to optimise the use of the OneTrust platform.

• Monitor and guide customer adoption and platform usage to ensure implementations deliver long-term value and align with customer goals.

• Partner closely with Delivery Managers and Project Managers to proactively manage solution risks, dependencies, and escalations.

• Act as the primary solution escalation point for complex implementation challenges, driving resolution and maintaining delivery integrity.

• Collaborate with CX Sales, Professional Services, and Customer Success to support solution scoping, implementation strategy, and successful customer transitions.

• Represent the voice of the customer internally, partnering with Product Management and Engineering to influence platform direction based on customer insights, industry trends, and regulatory developments.

• Serve as a thought leader and mentor, contributing to delivery methodologies, coaching consultants, and supporting the development of emerging solution experts.

What Success Looks Like

• Customer consistently achieve successful outcomes and strong adoption of OneTrust solutions.

• Complex projects are delivered with minimal escalation and high confidence from stakeholders.

• Other consultants rely on you for guidance on complex design or delivery challenges.

• Implementation quality and consistency improve as a result of your contributions.

You Are

You are great at building relationships across stakeholders in marketing, sales, and engineering and have genuine enthusiasm about working directly with customers and learning more about Data Privacy, Security and Governance. You are willing to get hands on with SAAS solutions and become skilled in implementation and balance customer priorities across several accounts.

Your experience Includes:

• BA/BSc in Business, Engineering or related subject

• 8+ years' experience in client-facing Professional Services role in a SaaS environment.

• Proven track record of successful delivery of enterprise IT projects as an individual contributor or team lead

• Proven ability to engage across corporate functions (Professional Services, and Product Management)

• Experience planning, organizing, directing, and evaluating implementation of SaaS systems; preferably in a Data Privacy Compliance or other enterprise software professional services environment.

• Excellent verbal and written communication skills, including the ability to chair meetings or host webinars

• Direct experience implementing and supporting large enterprise solutions.

• Relationship management and customer management expertise

• Willingness to travel, as job requires (Estimated 10-20%)

• Well-developed strategic thinking, problem-solving, and decision-making capabilities

• Experience contributing to methodology development, delivery standards, enablement programs, or thought leadership initiatives.

Extra Awesome

• Industry-recognized certifications such as:

• CIPP/E, CIPP/US, CIPM, FIP

• AIGP

• CISA, CRISC, GRCP

• Other relevant privacy, security, risk, governance, or compliance certifications.

• Recognized internally or externally as a subject-matter expert in implementation strategy or a specific regulator or product domain.

• History of mentoring consultants and shaping delivery quality without formal people management responsibility.

• Experience influencing product roadmap, services packaging, or go-to-market strategy through customer and delivery insights.

The Challenge

As an Implementation Consultant, you will handle the overall responsibility for the customer relationship by working directly with our customers to enhance their overall user experience with the OneTrust Privacy and Data Governance platform. Following the sales process, consultants become the primary customer contact responsible for building and maintain the relationship, leading the implementation of the solution, and managing customer expectations throughout the engagements.

Your Mission

The Implementation Consultant has a clear understanding of the privacy industry, including regulatory environment, and uses this knowledge to support all the primary responsibilities. To thrive in this role, the Implementation Consultant will keep up with industry trends, competitive landscape and customer needs for the purpose of being active and vocal in making decisions about the direction of the platform.

As an Implementation Consultant, you will:

• Oversee the functional implementation and platform adoption for all customer implementations

• Support customers and ensure they receive exceptional services throughout the implementation process

• Establish yourself as a trusted adviser to ensure customer’s overall satisfaction with our platform

• Understand overall business needs of the customer as they relate to the OneTrust product.

• Monitor and analyze the customer’s adoption of our solution features and functionality to align with business needs and leadership with an understanding of their overall business needs as they relate to our products

• Be the customer advocate. Work closely with product and software engineering teams to represent customer issues and build out ideas and concepts highlighted during implementation to steer the OneTrust roadmap

• Consult on both system and regulatory best practices, mentoring other junior colleagues, to advise customers on optimization of privacy, security, and governance programs. · Leverage customer relationships as needed for prospect references

• Work on internal team initiatives

What Success Looks Like

• Customer consistently achieve successful outcomes and strong adoption of OneTrust solutions.

• Projects are delivered with minimal escalation and high confidence from stakeholders.

• Implementation quality and consistency improve as a result of your contributions.

You Are

You are great at building relationships across stakeholders in marketing, sales, and engineering and have genuine enthusiasm about working directly with customers and learning more about Data Privacy, Security and Governance. You are willing to get hands on SAAS solutions and become skilled in implementation and balance customer priorities across several accounts.

Your Experience Includes:

• Bachelor's in Business, Industrial Engineering, Systems Engineering or related field 

• 1-3 years of relevant experience in software development, professional services, solution engineering, technical consulting; with expertise in architecting and rolling out new technology and solution initiatives

• Effective customer-facing communication skills. Proven success in and genuine enthusiasm for working directly with customers

• Proven ability to engage across corporate functions (Professional Services and Product Management)

• Practical experience in troubleshooting software and web services

• Strong entrepreneurial skills to excel in a complex and rapidly evolving environment

• Willingness to travel, as job requires (Estimated 10-20%)

Extra Impressive

• Industry-recognized certifications such as:

• CIPP/E, CIPP/US, CIPM, FIP

• AIGP

• CISA, CRISC, GRCP

• Other relevant privacy, security, risk, governance, or compliance certifications.

PM Data Protection

Location: Chennai

Years of Exp : 9.1-12 years

About Us

“Capco, a Wipro company, is a global technology and management consulting firm. Awarded with Consultancy of the year in the British Bank Award and has been ranked Top 100 Best Companies for Women in India 2022 by Avtar & Seramount. With our presence across 32 cities across globe, we support 100+ clients across banking, financial and Energy sectors. We are recognized for our deep transformation execution and delivery.

WHY JOIN CAPCO?

You will work on engaging projects with the largest international and local banks, insurance companies, payment service providers and other key players in the industry. The projects that will transform the financial services industry.

MAKE AN IMPACT

Innovative th:inking, delivery excellence and thought leadership to help our clients transform their business. Together with our clients and industry partners, we deliver disruptive work that is changing energy and financial services.

#BEYOURSELFATWORK

Capco has a tolerant, open culture that values diversity, inclusivity, and creativity.

CAREER ADVANCEMENT

With no forced hierarchy at Capco, everyone has the opportunity to grow as we grow, taking their career into their own hands.

DIVERSITY & INCLUSION

We believe that diversity of people and perspective gives us a competitive advantage.

MAKE AN IMPACT

Job Title: PM Data Protection

Experience :: 9.1 - 12 years

Job Location: Chennai

Position Purpose: Within our new program “WITT - Data Migration”, we are looking for a Project Manager being able to support Data Stream lead. Main deliveries expected for this PM will be to:

• Understand E2E Data Protection topics

• Coordinate Project Committee with all stakeholders

• Define Global Multi-sites roadmap on Data Protection

• Prepare synthetic and qualitative KPI allowing management to follow-up

• Prepare Steering Committee

Responsibilities Direct Responsibilities

• Define Global Multi-Sites roadmap on Data Protection

• Coordinate all actions within WMIS

• Prepare and animate Project Committee

• Prepare deck for Steering Committee Contributing Responsibilities

• Being able to contribute in “awareness” session around Client Data Protection

• Facilitate WMIS coordination Technical & Behavioral Competencies Technical and functional Data protection experiences

Technical Skills:

o Experience in data protection laws and regulations: Familiarity with laws like GDPR, CCPA, and HIPAA.

o Proficiency in data management systems and tools.

o Skills in planning, executing, and managing projects related to data protection.

o Certifications such as CIPP, CIPM, and CISSP

Behavioral Skills:

o Organizational skills

o Communication skills - oral & written

o Critical thinking

o Ability to synthetize / simplify Transversal Skills:

o Ability to manage a project

o Ability to manage a project

o Ability to develop and leverage networks

o Ability to manage / facilitate a meeting, seminar, committee, training… o can enhance a Data Protection Manager's qualifications and expertise.

Education Level: Master Degree or equivalent Having a background on Data Security will be an added value.

Experience Level : At least 10 years Location: Chennai

What You’ll Do

• Technical AI governance and assurance
• Operationalise AI governance requirements across the full AI lifecycle, from ideation and use-case approval through development, validation, deployment, monitoring, change management, and retirement.
• Review AI and ML systems at a technical level, including model design, feature pipelines, training approaches, validation methods, deployment architecture, monitoring controls, and human oversight mechanisms.
• Translate technical system characteristics into clear governance, risk, and regulatory positions, including mapping to requirements under the EU AI Act, GDPR, LGPD and other relevant frameworks.
• Conduct risk assessments and assurance reviews of AI systems, including risks relating to bias, explainability, privacy, robustness, model drift, misuse, human oversight, transparency, and customer impact.
• Assess whether AI systems have the right documentation, controls, and evidence to support internal governance, regulatory scrutiny, and audit.
• Governance implementation
• Embed governance checkpoints, review criteria, and control requirements into product, engineering, and model development workflows.
• Design and maintain practical governance artefacts such as AI inventories, use-case classification approaches, risk assessment templates, control libraries, testing standards, and review rubrics.
• Define minimum evidence requirements for AI systems, including documentation of intended purpose, system design, data lineage, validation, performance metrics, limitations, human oversight, and post deployment monitoring.
• Audit, compliance, and regulatory readiness
• Perform technical governance reviews and audits of AI systems and supporting processes.
• Test the design and operating effectiveness of AI-related controls and identify remediation actions where gaps exist.
• Produce structured findings, risk opinions, and assurance reports for technical and non-technical stakeholders.
• Support audit and regulatory readiness by building defensible compliance narratives and evidence packs.
• Escalate material issues, control weaknesses, or ethical concerns and track remediation through to closure.
• Monitoring and reporting
• Help define and track meaningful AI governance, risk, and assurance metrics.
• Develop dashboards and reporting views that provide visibility of AI use cases, risk status, control coverage, review outcomes, incidents, and remediation progress.
• Oversee or challenge post-deployment monitoring for model performance, fairness, stability, drift, and adverse customer or business outcomes.
• Business partnership and capability building
• Work directly with data scientists, ML engineers, product teams, and business owners to help them build compliant and trustworthy AI systems without slowing innovation unnecessarily.
• Build organisational capability by translating regulatory and governance expectations into practical guidance, playbooks, and training.
• Keep stakeholders informed on emerging AI regulatory developments, assurance techniques, and good practice.

What We’re Looking For

• Extensive of experience across AI/ML, model risk, technical assurance, or technical AI governance, with a meaningful part of that experience in a regulated environment.
• Preferred prior background as an ML engineer, data scientist, model validator, AI architect, or similar technical role, with subsequent and/or experience in AI governance,
• AI assurance, model risk, or regulatory delivery.
• Experience conducting deep reviews of AI/ML systems beyond policy conformance, including assessment of model design, validation, monitoring, and operational controls.
• Experience translating technical AI concepts into regulatory, risk, audit, or compliance language for senior stakeholders.
• Experience implementing governance processes, controls, and assurance mechanisms in real delivery environments, not just designing high-level frameworks.
• Strong working knowledge of several of the following: EU AI Act, GDPR/LGPD and automated decision-making / profiling considerations, ISO/IEC 42001, ISO/IEC 23894,
• NIST AI RMF, OECD or other leading responsible AI frameworks, sector or market expectations relevant to gambling, customer protection, and technology risk
• Strong understanding of how AI and ML systems are built, evaluated, deployed, and monitored in production.
• Ability to interpret model and system documentation, architecture diagrams, data flows, validation results, and monitoring outputs.
• Familiarity with common ML approaches, LLM / generative AI patterns, model lifecycle tooling, and data/ML platforms.
• Familiarity with cloud-based AI environments such as AWS, Azure, or GCP.
• Stakeholder and delivery skills
• Able to work across technical, product, risk, legal, cybersecurity, and operational teams with credibility.
• Strong written skills, including the ability to produce clear review reports, risk assessments, control evaluations, and executive-ready summaries.
• Comfortable leading workshops, challenging constructively, and driving remediation.
• Able to operate with autonomy and create structure where none exists.
• Strong judgement, pragmatism, and attention to evidence.

Scopely is looking for a Senior Security Compliance Engineer to join our Information Security team in Barcelona on a hybrid basis working 2 days a week from the hub.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

The IT/Ops team keeps everything behind the scenes running smoothly and we make sure all teams are equipped and connected - whether across the office or halfway around the world. AV struggles? Don’t worry, we’ve got this.

What You Will Do

In this role, you will help design, build, and scale privacy-aware and compliance systems across a global technology organization. You will combine technical execution with a strong understanding of privacy and regulatory requirements to build practical, reliable solutions that support both the business and our players.

You will work closely with cross-functional partners across Security, Legal, Engineering, Product, and Player Experience to embed privacy by design into systems, services, and workflows. This is an exciting opportunity for someone who enjoys solving complex problems, building automation, and turning privacy requirements into scalable engineering solutions.

• Embed privacy by design into product, platform, and operational workflows
• Design, build, and improve privacy engineering capabilities that support data subject rights requests, data lifecycle management, and regulatory compliance
• Translate legal and regulatory requirements into technical requirements, engineering patterns, and actionable implementation guidance
• Build and maintain tools, services, and automations in Python to support privacy and compliance operations
• Support workflow orchestration and automation using Temporal or similar platforms
• Work in AWS and similar environments to operate secure, scalable, and reliable privacy-related systems and integrations
• Write and deploy SQL to archive or purge data, and to locate, review, and document data for privacy requirements
• Partner with engineers and architects to implement data solutions that enable the business while protecting sensitive data
• Conduct privacy assessments, identify risks, and help drive mitigation efforts through tools, training, and guidance
• Review new systems, features, and data flows for privacy impact, and partner with teams to design technical controls that reduce privacy risk
• Partner with product and engineering teams to design privacy-preserving solutions, including controls for data minimization, retention, deletion, and access
• Manage projects and enhancements from requirements gathering through delivery and stakeholder communication
• Improve documentation, reporting, evidence collection, and operational processes that support broader compliance efforts
• Identify opportunities to reduce manual work, improve data quality, and strengthen consistency through automation

What We’re Looking For

• 5+ years of experience in information security, privacy, compliance, or a related technical role
• Hands-on experience building or maintaining solutions in Python
• Strong background in software engineering, backend systems, security, data engineering, or data architecture
• Experience with AWS and cloud-based architectures
• Experience with Temporal or similar workflow orchestration tools
• Working knowledge of APIs, JSON, SQL, and related technical tooling
• Strong understanding of privacy engineering principles, privacy by design, and technical implementation of data subject rights and data lifecycle controls
• Working knowledge of privacy regulations such as GDPR
• Familiarity with security and compliance frameworks such as ISO 27001, NIST, or COBIT.
• Experience working cross-functionally with Legal, Security, Product, and Engineering teams
• Strong communication skills, including the ability to explain technical concepts to non-technical audiences
• Strong organisational skills and the ability to manage multiple priorities in a fast-paced, global environment
• Excellent analytical, problem-solving, and collaboration skills
• Experience leveraging or building AI-enabled tools to enhance GRC processes, including developing AI assistants or automation workflows to improve regulatory monitoring, documentation, and control oversight
• Ability to navigate ambiguity, balance risk, and quickly learn new technologies
• Experience working with data systems and large datasets, including understanding data flows, retention, deletion, and access patterns

Bonus Points

• Experience with DSR, DSAR, or privacy operations platforms
• Graduate-level study in privacy engineering
• Experience in gaming, entertainment, or another consumer technology environment
• Experience working with internationally distributed teams
• Certifications such as CIPT, CIPP, CIPM, CISSP, CISA, CRISC, or FAIR

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!

Employment at Scopely is based solely on a person's merit and qualifications. Scopely does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law. We also consider qualified applicants with arrest or conviction records, consistent with applicable federal, state and local law.

What You'll Do

• Resolve complex member requests related to account access, identity updates, and data rights, ensuring compliance with global privacy regulations such as GDPR and other regional frameworks.
• Assess identity verification and account integrity concerns using established decision trees and standard operating procedures, taking ownership of cases from intake through resolution.
• Use case management systems and AI-supported tools to triage, investigate, and document cases efficiently while maintaining accuracy and audit-ready records.
• Identify high-risk, ambiguous, or sensitive cases and escalate appropriately using defined risk frameworks, demonstrating Courage and sound judgment.
• Maintain service level agreements (SLAs) while balancing empathy and policy adherence to protect both members and the business.
• Contribute to quality improvement by incorporating feedback from audits and coaching, reducing rework and strengthening first-time-right resolution.
• Surface trends, recurring issues, or potential policy gaps to Supervisors, helping the team see things through from insight to impact.
• Collaborate cross-functionally with Trust & Safety, Legal, and Operations partners, taking ownership of outcomes and adapting with an agile mindset as policies evolve.

About You

• Typically requires 2–4 years of experience, though we welcome candidates with alternative backgrounds that demonstrate equivalent skills.
• Experience in customer support, compliance operations, Trust & Safety, or environments involving sensitive data handling.
• Working knowledge of privacy and data protection principles (e.g., GDPR or similar regulatory frameworks) and comfort applying structured policies to real-world scenarios.
• Strong attention to detail with the ability to manage multiple cases in a fast-paced, SLA-driven environment while maintaining high quality standards.
• Confident using case management systems, internal operational tools, and AI-enabled workflows to support accuracy and efficiency.
• Demonstrates Respect and Excellence by balancing empathy for members with consistent policy adherence.
• Comfortable escalating when something feels unclear or high-risk, showing sound judgment and ownership.
• Curious and growth-oriented, actively incorporating feedback, collaborating with purpose, and adapting processes with an agile mindset as tools and policies evolve.

THE ROLE

As the Senior Manager of Product Management for Data Protection, you will lead the strategic direction, operational execution, and team leadership for Everpure's mission-critical data resilience portfolio. Operating at the intersection of enterprise storage, cybersecurity, and cloud operations, you will manage a high-performing team and high-impact work plans that ensure our global customers' data remains resilient against evolving cyber threats. By orchestrating strategic collaboration across Engineering, the CTO office, and GTM teams, you will move beyond simple backup to establish Everpure as the undisputed leader in enterprise business continuity.

WHAT YOU'LL DO

• Direct the Data Resilience Roadmap: Establish and execute operational objectives for the Data Protection portfolio, prioritizing high-impact security features, automated recovery, and cloud-native integrations that drive distinct market advantages.

• Lead Category-Level Execution: Direct the complete product lifecycle from ideation to scale across multiple teams, establishing clear KPIs for recovery time objectives (RTO), recovery point objectives (RPO), and product adoption.

• Build and Coach a High-Performing Team: Actively manage and mentor a team of product managers, providing direction, clear development goals, and evaluation criteria to drive exceptional organizational outcomes.

• Champion GTM & Field Readiness: Partner closely with Sales, Field Enablement, and Marketing to develop competitive positioning, ensuring global field organizations are fully equipped to showcase our security differentiation.

• Synthesize Market & Threat Intelligence: Serve as the strategic voice of the customer, translating evolving cyber threat vectors and compliance requirements into actionable product priorities and long-term business strategy.

WHAT YOU BRING

• Strategic Domain Expertise: Advanced technical understanding of backup architecture, enterprise storage, disaster recovery, and data security standards, combined with the ability to translate organizational objectives into successful product strategies.

• People & Operational Leadership: Proven ability to manage, coach, and develop professional/technical employees, direct the activities of multiple sections or departments, and make data-informed trade-offs regarding costs and staffing.

• Executive Influence: Exceptional communication skills with a track record of regularly interacting with senior management and executive levels to gain acceptance in sensitive situations.

• Complex Problem Solving: Strong analytical abilities used to evaluate market trends and translate customer workflows into precise, outcome-oriented technical requirements.

• Location: We are primarily an in-office environment and therefore, you will be expected to work from the Santa Clara, CA office in compliance with Everpure’s policies, unless you are on PTO, or work travel, or other approved leave.

#LI-ONSITE #LI-BL1

THE ROLE

As the Sr. Product Manager for Data Protection, you will be the strategic architect of our mission-critical data resilience portfolio. You will sit at the high-stakes intersection of enterprise storage, cybersecurity, and cloud operations, designing solutions that ensure our global customers’ data is instantly available and resilient against modern cyber threats. Collaborating deeply with Engineering, the CTO office, and GTM teams, you won't just manage backup features—you will define how organizations survive and recover from sophisticated ransomware and security events.

WHAT YOU'LL DO

• Architect the Data Resilience Roadmap: Define and execute a technical roadmap for data protection, prioritizing high-impact security features, automated recovery, and cloud-native integrations that create distinct market advantages.

• Drive Category-Level Outcomes: Own the complete product lifecycle from ideation to launch, establishing clear KPIs for recovery time objectives (RTO), recovery point objectives (RPO), and feature adoption to ensure maximum business impact.

• Bridge the Gap from Build to Buy: Partner closely with Sales, Field Enablement, and Marketing to develop competitive positioning, ensuring our global field organizations are fully equipped to position our security differentiation.

• Synthesize Market & Threat Intelligence: Serve as the voice of the customer and security practitioner, translating evolving cyber threat vectors and compliance requirements into clear, actionable development priorities.

WHAT YOU BRING

• Data Protection & Security Domain Mastery: Deep technical understanding of backup architecture, enterprise storage, disaster recovery, and data security standards.

• Strategic Lifecycle Ownership: Proven experience guiding complex, multi-platform products from initial concept through successful delivery, with the professional maturity to make data-informed trade-offs between speed, scalability, and technical feasibility.

• Cross-Functional Influence: Exceptional communication skills with a track record of driving alignment across Engineering, Product Marketing, and executive stakeholders to champion product vision.

• Analytical Problem Solving: Strong analytical abilities used to evaluate market trends and translate customer workflows into precise, outcome-oriented technical requirements.

• Location: We are primarily an in-office environment and therefore, you will be expected to work from the Santa Clara, CA office in compliance with Everpure's policies, unless you are on PTO, or work travel, or other approved leave.

#LI-ONSITE #LI-BL1

About the role

Anthropic's Integrity & Compliance (I&C) function is building the systems that let us scale responsibly as our products reach more people, more enterprises, and more regulated industries. Our global compliance program is bespoke, reflecting our unique mission and position as one of the leading AI labs operating on the frontier.

Within Integrity & Compliance, the Privacy Programs pillar owns how we operationalize privacy across the company — from how we handle personal data in our products and research, to how we meet our obligations under the GDPR, CCPA, and the growing patchwork of global privacy law. We work closely with our Privacy Legal team on all privacy related matters.

We're hiring a Privacy Governance Lead to own the governance backbone of that work. You'll set the strategy for how privacy governance operates at Anthropic, define the policies and controls that translate privacy principles into operating practice, and help manage the relationship with internal and external stakeholders who depend on that framework holding up under scrutiny.

This is a foundational role with significant scope. You'll be shaping a privacy governance function from a relatively early stage, with the autonomy to set the standard and the mandate to drive cross-functional change. You'll partner closely with Privacy Legal, Security, Product, Research, and the wider I&C team, and you'll contribute directly to reporting that reaches the Audit Committee and boards. You'll report to the Head of Integrity & Compliance.

Key responsibilities

• Set the strategy and roadmap for Anthropic's privacy governance framework, including the policies, standards, and internal controls that map to GDPR, CCPA/CPRA, and other applicable global privacy regimes

• Own the privacy documentation lifecycle end-to-end — Data Protection Impact Assessments, Records of Processing, Transfer Impact Assessments, and other accountability artifacts — including the methodology, the tooling, and the quality bar

• Establish governance forums and approval workflows for privacy-significant product, research, and vendor decisions, and chair the forums where novel or high-risk questions are resolved

• Own the privacy controls testing program: define what "good" looks like, set the testing cadence, and present results to the Head of Integrity & Compliance and other leadership forums

• Partner with Privacy Legal to anticipate emerging privacy law and translate new obligations into concrete control changes ahead of enforcement

• In partnership with Legal, co-lead privacy regulator engagement on governance matters, including responses to inquiries, audits, and complaints

• Oversee the management of inputs for regulatory responses with the Privacy Program pillar

• Drive privacy training and awareness strategy for engineering, product, research, and go-to-market teams, calibrated to the actual decisions those teams make

• Represent the privacy governance function in Internal Audit reporting, and in cross-functional risk and compliance forums

• Build and develop the privacy governance team over time

Minimum qualifications

• Deep working knowledge of GDPR and at least one major US state privacy regime (CCPA/CPRA, or equivalent), including how their requirements translate into operational controls at scale

• Demonstrated track record building, scaling, or transforming a privacy governance program end-to-end — policies, DPIAs, ROPAs, controls libraries, governance forums, and the operating model that supports them

• Strong written communication, with the ability to produce clear policies, board-ready reporting, and practical guidance that engineering and product teams will actually use

• Comfort owning hard cross-functional decisions and operating across legal, technical, and operational boundaries

• A privacy certification such as CIPP/E, CIPP/US, or CIPM, or equivalent demonstrated expertise

Preferred qualifications

• Senior privacy governance leadership experience at a technology company operating under multiple privacy regimes simultaneously, ideally including one with novel data processing (AI/ML, large-scale platforms, or similar)

• Direct experience engaging privacy regulators, particularly EU data protection authorities or the Irish DPC, on governance matters such as inquiries, audits, or complaints

• Familiarity with AI-specific privacy considerations: training data governance, model memorization, output filtering, and the intersection with emerging AI regulation

• Experience standing up governance functions in a high-growth environment, including building from a blank page

• Demonstrated experience presenting to Audit Committees, boards, or equivalent senior governance bodies on privacy matters

• Background that bridges privacy and broader compliance disciplines (security, regulatory, ABAC, enterprise risk management)

Role-specific policy: For this role, we expect staff to be able to work from either our Washington, DC, San Francisco, or New York City office at least 3 days a week, though we encourage you to apply even if you might need some flexibility for an interim period of time.