TRU is representing a bleeding edge, high-growth tech org, seeking a Privacy Attorney to support a wide range of global privacy matters. This role requires someone agile and hands-on, comfortable owning everything from DPA reviews to broader advisory work across the privacy spectrum. The ideal candidate has experience working across both large and smaller companies, with a strong preference for those who have supported pre-IPO environments. Candidates must be licensed to practice law and can be based anywhere in Europe, with a strong preference for those located in Dublin, London, or Poland - however this role is remote.
What You’ll Do:
- Data Privacy & Operations: Designs, implements, maintains, and continuously scales a pragmatic, business-oriented global data privacy program to ensure compliance with a multitude of worldwide regulations across our operations in ~30 countries
- Commercial & Legal Partnership: Takes the lead in reviewing, drafting, and negotiating Data Processing Agreements (DPAs) and other privacy and security-related contractual clauses with our partners, vendors, and corporate customers
- Incident Response: Coordinates the Legal & Compliance response to any data privacy or security incidents (including investigation, remediation, and communication)
- AI Governance: Maintains line of sight on rapidly emerging AI laws and regulations to ensure ethical and responsible development and deployment of AI and machine learning models for ensuring fairness, transparency, and accountability
- Privacy by Design: Partners closely with our Engineering, Product, and Operations teams to integrate privacy-by-design and security-by-design principles into the entire product development lifecycle
- The legal qualifications necessary to serve as an in-house data privacy counsel
- Extensive experience working at the intersection of data privacy, security and governance (ideally with significant time spent as the only “privacy person”)
- Demonstrated ability to build compliant privacy programs in a risk-based way
- An understanding that in-house advice has to be sensible, defensible and actionable
- An unusually high tolerance for ambiguity, flexibility and the ability to thrive in a high velocity environment while working remotely with minimal oversight or supervision
- A remarkably strong ability to work collaboratively with legal colleagues and business, security, and engineering partners to ensure that our business practices adhere to privacy laws and regulations globally
- Deep familiarity with global data protection laws (GDPR, CCPA, etc.), cybersecurity frameworks (NIST, ISO 27001, etc.), and the evolving landscape of AI governance
- Strong communication skills (we love undercover privacy nerds who don’t sound like one outside of privacy conferences like IAPP’s Global Summit)
- Residence in the EMEA region, with a strong preference for UK-based residency
- Experience in the mobility, transportation, or IoT industries
- Professional certifications such as CIPP/E, AIGP, etc.
- Have done something interesting with AI
- Fluency in multiple languages