Full Job Description
Join Anaplan's Privacy Legal Team as our new Privacy & AI Governance Counsel. We seek a candidate who can come into an Anaplan office on a hybrid schedule 2 days/week or work remotely in a location where Anaplan can do business.
Your Impact
• Draft, review, and negotiate data processing agreements (DPAs), Business Associate Agreements (BAAs), data-sharing agreements, AI-specific terms, and other commercial contracts with privacy and AI implications.
• Partner with Product and Engineering teams to assess risks associated with product offerings, including AI features. Lead Privacy by Design (PbD) processes, Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), and AI Risk/Impact Assessments.
• Develop, maintain, and execute privacy and AI governance policies, standards, guidelines, system cards, playbooks, SOPs, and consent/authorization notices.
• Execute Cookie compliance, manage Records of Processing Activities (RoPAs), and handle Data Subject Access Requests (DSARs).
• Respond to customer inquiries and questionnaires regarding our privacy and AI practices.
• Translate complex legal and regulatory requirements into practical, actionable risk-mitigation advice for product, engineering, security, and internal business stakeholders.
• Maintain current knowledge of applicable federal, state, and international privacy laws. Monitor regulatory changes (including information privacy technologies) and communicate impacts on Anaplan's products, services, and business activities.
• Conduct periodic privacy maturity and regulatory compliance assessments. Interface with data protection authorities and works councils as needed to address regulatory issues or concerns.
Your Qualifications
• JD and/or LLM degree (or foreign equivalent) and an active license to practice law in at least one U.S. jurisdiction.
• 5+ years of legal experience specializing in Privacy and AI, ideally within a global SaaS or technology environment (law firm experience is also acceptable).
• In-depth understanding of global privacy laws and frameworks, including GDPR, CCPA/CPRA, emerging US state privacy laws, HIPAA, the EU AI Act, and the EU Data Act.
• Familiarity with control frameworks and standards, such as ISO (e.g., ISO 42001), NIST (e.g., NIST AI RMF), FedRAMP, and DORA.
• Active IAPP CIPP/E/US (required) and AIGP (preferred) certifications.
• Hands-on experience executing compliance programs using the OneTrust platform. Strong personal interest in technology, the internet, and digital innovation.
• Detail-oriented, proactive, and a hands-on self-starter. You possess strong problem-solving skills, the ability to coordinate across multiple time zones, and the determination to tackle tough challenges in a fast-paced environment-all while keeping a collaborative approach and a good sense of humor.
#LI-Remote