Source Job

$232,320–$303,600/yr
US Unlimited PTO

  • Manage Omada’s HIPAA privacy program, including policy development, incident investigations, and breach response.
  • Drive privacy-by-design across digital products, embedding privacy into development and clinical operations.
  • Provide expert guidance on consumer privacy compliance, AI governance, and interoperability frameworks.

HIPAA Privacy Law AI Governance Compliance Data Governance

20 jobs similar to Director, Privacy Counsel

Jobs ranked by similarity.

India Unlimited PTO

  • Lead delivery of DPIAs, ROPA build-outs, and privacy program gap assessments for global clients.
  • Serve as internal authority on evolving privacy regulations including GDPR, India's DPDP Act, and EU AI Act.
  • Build reusable IP such as DPIA templates, AI governance frameworks, and compliance playbooks.

Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers. Backed by top-tier investors like Accel and Elevation, it is trusted by over 3,000 organizations and fosters a culture of ownership and collaboration.

$146,000–$225,000/yr
US

  • Support oversight of the existing Privacy compliance program across jurisdictions, with primary focus on U.S. requirements and alignment to global privacy obligations.
  • Translate Legal guidance and regulatory requirements into policies, standards, and control expectations for first-line teams.
  • Provide independent oversight and effective challenge of first-line privacy control environments, including review of control design and identification of gaps.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. They are a remote-first company with competitive benefits including health care coverage, flexible spending wallets, and stock purchase plans.

$150,000–$225,000/yr
US Unlimited PTO 12w maternity 12w paternity

  • Advise on AI governance, privacy, and security law as the legal lead for Proof's privacy and AI framework.
  • Partner with product, engineering, and go-to-market teams to operationalize privacy across identity data, biometrics, and notarizations.
  • Manage breach response, vendor security, and regulatory inquiries with a business-minded approach.

Proof is the world's first identity-assured transaction management platform, digitizing trust for critical transactions. Developed by the same team behind Notariz℠, it has executed first digital real estate closings, mortgages, and auto sales, with a focus on security and compliance.

Canada Unlimited PTO

  • Manage multi-jurisdictional compliance execution including HIPAA, GDPR, PIPEDA, and emerging privacy laws.
  • Lead IT operations and service delivery including user onboarding, device management, and identity & access management.
  • Drive vendor risk management and BAA/DPA lifecycle, ensuring breach notification timelines and data deletion commitments.

Practice Better is an all-in-one platform helping health and wellness practitioners run their businesses and scale their impact. We are a remote-first team headquartered in Toronto, made up of curious, driven, and empathetic people, trusted by thousands of practitioners worldwide.

US

  • Coordinates and administers privacy and compliance programs to ensure adherence to regulatory requirements.
  • Partners with internal teams to interpret requirements, implement compliant solutions, and monitor activities.
  • Develops policies, tracks corrective actions, and supports audits to maintain program effectiveness.

Capital Blue Cross is a health insurance company that improves the health and well-being of members and communities. It is an independent licensee of the Blue Cross Blue Shield Association and has been voted a 'Best Place to Work in PA' by employees.

$147,800–$164,000/yr
Global 18w maternity 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.

US

  • Manage and enhance the enterprise privacy program and day-to-day privacy operations across FUJIFILM Holdings America Corporation and its subsidiaries.
  • Act as a key subject matter expert on data privacy laws including U.S. state, Canadian, HIPAA, and marketing privacy regulations.
  • Collaborate with cross-functional teams to integrate privacy by design, support incident response, and develop privacy training initiatives.

FUJIFILM Holdings America Corporation is redefining innovation across healthcare, photography, semiconductors, and data storage with 23 affiliate businesses in the Americas. Headquartered in Valhalla, New York, and part of Fujifilm's global group of over 70,000 employees, the company fosters a dynamic, mission-driven culture focused on giving the world more smiles.

Canada Unlimited PTO

  • Lead and evolve information security, IT operations, and compliance programs to protect sensitive data and support growth.
  • Manage compliance initiatives across HIPAA, GDPR, PIPEDA, and other regulatory frameworks.
  • Drive security maturity, including SOC 2 and ISO 27001 readiness, and vendor risk management.

Partner company is a healthcare technology organization focused on improving healthcare outcomes. The company is remote-first and growing, with a mission-driven culture.

US

  • Serve as an IS&T Program Expert and Accreditor, evaluating security and technology systems across the federation and conducting PCI DSS compliance activities.
  • Conduct risk assessments and technical analyses to identify non-compliance with NIST CSF and HIPAA Security, and manage corrective actions.
  • Communicate professionally with technical and non-technical stakeholders to ensure timely project management and education on compliance requirements.

Planned Parenthood is the nation's leading provider and advocate of high-quality, affordable sexual and reproductive health care, and the largest provider of sex education. PPFA is a 501(c)(3) supporting independently incorporated affiliates that operate non-profit health centers across the U.S., with a culture of fostering belonging and learning.

Netherlands

  • Provide expert guidance on privacy, AI governance, and data protection compliance across global initiatives.
  • Conduct privacy risk assessments and oversee cross-border data transfer mechanisms.
  • Advise on privacy-by-design principles and maintain privacy documentation including DPIAs and RoPAs.

Our partner is a fast-moving organization operating in a complex global data environment, focused on scalable cloud infrastructure and AI-driven solutions. They have an international, highly skilled work environment with a strong focus on learning and development.

$120,000–$160,000/yr
Canada

  • Draft, review, and negotiate commercial agreements including SaaS subscription agreements, MSAs, DPAs, and NDAs
  • Proactively identify legal, regulatory, and privacy risks before they escalate and recommend practical mitigation strategies
  • Serve as the organization's designated Privacy Officer and partner with Sales, Product, Engineering, and Finance teams

BIS Safety Software is a SaaS company on a mission to change how organizations manage safety, learning, and compliance. The company has been headquartered in Sherwood Park, Alberta since 2006, and offers an Employee Stock Ownership Plan (ESOP) with a culture of humility, ownership, and fast-moving integration.

$320,000–$320,000/yr
US

  • Serve as the primary legal advisor to the executive team and oversee all legal matters including regulatory and competition proceedings.
  • Manage and develop the legal team while personally owning significant commercial agreements and product launches.
  • Direct global privacy compliance and advise on employment, IP, and corporate governance matters.

DuckDuckGo is an online protection company on a mission to raise the standard of trust online. The remote-first team of 300+ has been profitable since 2014, with annual revenue over $100M.

$105,000–$148,000/yr
US

  • Conduct hands-on compliance audits of digital platforms against global privacy regulations such as GDPR, CCPA, and COPPA.
  • Design and execute independent audit methodologies to test user protections, content moderation, and data handling practices.
  • Present detailed findings and strategic recommendations to clients and their leadership through executive briefings.

Coalfire solves clients' hardest cybersecurity challenges through advisory, assessment, and automation. They are a team of passionate problem-solvers with offices across the US and UK.

$195,000–$215,000/yr
US Unlimited PTO

  • Provide practical legal guidance on product, privacy, AI, and consumer protection across product, sales, and engineering teams.
  • Draft, review, and negotiate commercial agreements including technology and data processing contracts.
  • Support strategic legal initiatives such as litigation, intellectual property, and regulatory matters.

Houzz is the leading platform for home remodeling and design, providing an all-in-one software solution for industry professionals and tools for homeowners. It is a community-centric, innovative tech company with a mission-driven culture rooted in core values.

North America South America

  • Draft, negotiate, and close enterprise SaaS/AI agreements and build contract templates and negotiation playbooks.
  • Own day-to-day privacy compliance and data governance strategy while managing vendor and partner agreements.
  • Serve as the embedded legal partner for Sales, Marketing, Product, Engineering, and Finance, identifying legal risks early in product development.

Canals builds software for wholesale distributors, helping them operate more efficiently through automation and AI. We're a profitable, rapidly growing company with a team of roughly 100 people distributed across North and South America, dedicated to hiring exceptional people and building great products.

United States

  • Draft, review, and negotiate a high volume of commercial agreements including client MSAs, SOWs, NDAs, vendor agreements, and DPAs.
  • Own legal operations across the group, including employment documentation, corporate compliance, and privacy programs.
  • Serve as the primary legal point person, partnering with sales, HR, and finance to support a growing business.

Red Antler Group is a connected ecosystem of creative companies that help ambitious brands grow, from emerging ventures to global leaders. The group includes Red Antler, Fat Earth, and WildFruit, working together to turn creativity into lasting impact for businesses at every stage.

$300,000–$425,000/yr
US 18w maternity 18w paternity

  • Act as a strategic legal advisor to executive leadership, proactively identifying risks and opportunities to support high-impact decisions.
  • Build and execute scalable compliance programs covering data privacy, trade compliance, AI governance, and ethics across a rapidly scaling company.
  • Lead and develop the in-house legal team, implementing scalable processes and metrics-driven practices to accelerate deals and reduce risk.

UpGuard builds the Cyber Risk Posture Management (CRPM) platform that integrates security ratings, threat intel, and agentic AI to help organizations manage cyber risk. With a Series C funding and a global team of around 200–600 employees, UpGuard emphasizes autonomy and scaling world-class technology in a fully remote, collaborative culture.

US

  • Lead global legal strategy for cybersecurity, data security, and privacy, integrating legal requirements into technical operations.
  • Manage incident response, providing strategic legal guidance to navigate complex security events.
  • Mentor a privacy team of four experienced lawyers, implementing Privacy/Security by Design across the platform.

Zscaler accelerates digital transformation, empowering customers to be more agile, efficient, resilient, and secure with its AI-forward, cloud-native Zero Trust Exchange platform. The company fosters a culture of execution, customer obsession, collaboration, and accountability, emphasizing impact over activity.

$130,000–$150,000/yr
US

  • Serve as a strategic legal advisor managing complex commercial negotiations in healthcare technology.
  • Draft, review, and negotiate SaaS, BAA, DPA, and vendor agreements.
  • Maintain working knowledge of HIPAA and data privacy laws to advise business negotiations.

We provide medical imaging solutions that streamline healthcare information flow. We have nearly 800 employees across four countries, empowering nearly 2,000 healthcare organizations worldwide.

US Unlimited PTO

  • Manage export compliance operations including restricted party screening and sanctions checks to ensure adherence to U.S. EAR and OFAC regulations.
  • Support global privacy operations by maintaining data processing agreements, SCCs, and privacy documentation.
  • Coordinate compliance evidence for customer diligence, audits, and certifications like SOC 2 and ISO 27001.

Horizon3.ai is a fast-growing cybersecurity company that helps organizations proactively find and fix exploitable attack vectors with its NodeZero platform. It is a remote team of former special operations cyber operators and startup engineers committed to a culture of respect, collaboration, ownership, and results.