HackerOne

Privacy Counsel

HackerOne$160K — $190K *
Legal & Accounting
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Qualified lawyer (UK or EU) with a focus on GDPR and 5+ years of relevant experience.
  • Strong understanding of global privacy laws beyond EU/UK GDPR including US, Middle East, and Asia.
  • Expertise in drafting and negotiating data processing agreements for global operations.
  • Experienced with managing data breaches and conducting privacy audits.
  • Exceptional communicator skilled at simplifying complex legal concepts for broader audiences.
  • Depth of knowledge in AI technologies and their legal implications essential for privacy governance.
  • Proficient with privacy management systems; experience with OneTrust required.
  • Demonstrated ability to prioritize and work collaboratively in cross-functional teams.

Responsibilities

  • Apply an AI-First approach to enhance privacy research and drafting efficiency.
  • Adapt swiftly to changes in global privacy and AI regulations, providing timely guidance.
  • Utilize First Principles Problem Solving to address complex privacy issues clearly.
  • Conduct data protection impact assessments (DPIAs) and other structured risk reviews globally.
  • Engage in privacy-by-design by assessing product features and identifying risks early.
  • Draft and negotiate data processing agreements, privacy terms, and commercial contracts.
  • Design and deliver internal training on privacy governance and AI compliance.
  • Support privacy audits and ensure alignment on findings and remediation with all departments.
  • Monitor and report on evolving privacy laws and AI governance frameworks.

Benefits

  • Health insurance including medical, vision, and dental coverage.
  • Equity stock options available for employees.
  • Retirement plans to support long-term financial stability.
  • Unlimited paid time off (PTO) along with paid public holidays.
  • Comprehensive paid maternity and parental leave programs.
  • Leaves of absence including caregiver leave under applicable legislation.
  • Access to an Employee Assistance Program for wellness support.
Full Job Description
Privacy Counsel
Remote Location: United Kingdom or USA (Boston, Washington DC, Austin, SF Bay Area, Seattle)Position Summary

HackerOne is seeking a Privacy Counsel to join our Privacy function to support the growing volume and complexity of global data protection, AI governance, and commercial contracting needs across the business. In this role, you will help accelerate product development, sales motions, internal procurement and cross-border data operations by providing thoughtful, practical, and globally relevant privacy support.

In addition to our legal and privacy teams, you will work closely with colleagues in our Product, Security, Compliance, Engineering, and Sales to deliver clear guidance, supporting privacy assessments, and review customer and vendor agreements to help us move quickly and responsibly as we grow. This is an individual contributor role ideal for a privacy lawyer who enjoys hands-on work, cross-functional collaboration, and applying structured legal thinking to emerging technologies.

What You Will Do
  • Apply an AI-First approach by using AI tools responsibly to improve research quality, drafting efficiency, and privacy assessment workflows.
  • Demonstrate Change Agility by adapting quickly to evolving global privacy and AI regulations, adjusting guidance as new risks, tools, or requirements emerge.
  • Use First Principles Problem Solving to simplify complex privacy questions, clarify assumptions, and provide clear, structured recommendations.
  • Leverage Data-Driven Decision Making during DPIAs,and related assessments by grounding evaluations in evidence, criteria, and regulatory expectations.
  • Support the current Privacy function with global privacy assessments, including DPIAs, AI DPIAs, TIAs, LIAs, and other structured risk reviews.
  • Review new and existing product features, AI capabilities, and data practices as part of privacy-by-design, identifying risks and opportunities early in development.
  • Draft, review, and negotiate data processing agreements (DPAs), privacy terms, and commercial contracts to support global sales and procurement.
  • Maintain and update privacy contractual documentation and internal templates and policies.
  • Create and deliver internal training on privacy and AI governance.
  • As part of the Privacy function, support internal and external privacy audits, coordinate with external advisors, and ensure alignment across business functions on assessment findings and remediation.
  • Monitor evolving privacy laws, case law, AI governance frameworks, and regulatory trends, sharing key insights with stakeholders to maintain compliance and anticipate future requirements.


Minimum Qualifications
  • Qualified lawyer (UK or EU) with GDPR experience PQE 5+ years (mix of in-house or private practice experience). Years matter less to us than impact. If you have relevant specialist experience, apply even if you don't quite hit the 5+ years.
  • Strong knowledge of EU/UK GDPR and familiarity with global privacy laws (US, Middle East, Asia).
  • Experience drafting and negotiating data processing agreements and handling privacy-related issues in a global business context.
  • Proven ability to manage data breaches, regulatory notifications and privacy audits.
  • Excellent communication skills with the ability to simplify complex legal concepts for non-legal audiences.
  • Strong understanding of AI technologies, their ethical implications, and related legal frameworks.
  • Excellent analytical, problem-solving, and decision-making skills with the ability to provide practical and strategic legal advice.
  • Experience in using privacy management systems such as OneTrust is required.
  • Ability to manage multiple priorities and work collaboratively across diverse teams.
  • Comfortable working independently in a fast-paced, global environment


Preferred Qualifications
  • Certified Information Privacy Professional (CIPP),
  • Artificial Intelligence Governance Professional (AIGP) and other relevant certifications,
  • German language proficiency.
  • Experience in cybersecurity, offensive security, or SaaS environments.


Compensation Band

UK Tier: £95K to £115K • Offers Equity

US Tiers:
  • Tier A (SF Bay Area): $180k to $215k • Offers Equity
  • Tier B (all other US locations): $160 to $190k • Offers Equity


#LI-MH1

#LI-Remote
Job Benefits:
  • Health (medical, vision, dental), life, and disability insurance*
  • Equity stock options
  • Retirement plans
  • Paid public holidays and unlimited PTO
  • Paid maternity and parental leave
  • Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
  • Employee Assistance Program

*Eligibility may differ by country

We're committed to building a global team! For certain roles outside the United States, India, the U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

About HackerOne

HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with penetration testers and cybersecurity researchers. The company was founded in 2012 by Michiel Prins and Jobert Abma and is headquartered in San Francisco, California. HackerOne has over 2,000 customers, including Airbnb, GitHub, Shopify, Spotify, and the U.S. Department of Defense. The company has raised over $110 million in funding from investors such as Benchmark, New Enterprise Associates, and Dragoneer Investment Group.
Learn more about HackerOne
Size
500 employees
Industry
Founded
2012

Similar Jobs

More Jobs at HackerOne

More Legal & Accounting Jobs

Find similar Privacy Counsel jobs: