Home
Recruiter
Log In

Privacy Counsel

Remote from
UK flag
UK
Salary, yearly, USD
90,000 - 110,000
Department
Legal & Compliance
Employment type
Full Time,
Job posted
Apply before
24 Jun 2026
Experience level
Senior
Views / Applies
11 / 2
About company Share

About HackerOne

HackerOne empowers the world to build a safer internet.

Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

HackerOne is seeking a Privacy Counsel to join its Privacy function, supporting global data protection, AI governance, and commercial contracting. The role involves conducting privacy assessments, reviewing contracts, and collaborating with product, security, and sales teams. This is an individual contributor position ideal for a privacy lawyer with hands-on experience and cross-functional skills. The job offers a salary range of $90,000 to $110,000 per year.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires deep expertise in privacy law, AI governance, and contract negotiation, along with the ability to adapt to evolving regulations, making it challenging but not extremely demanding.

Salary Analysis

Median Below Market
USD100,000
US Market
USD80k – USD160k
0 USD176k
AI Insight The offered salary of $90,000-$110,000 is competitive for a Privacy Counsel role, falling within the typical US market range of $80,000-$160,000. However, it may be on the lower end for senior roles in major tech hubs.

Key Skills

Privacy Law Data Protection AI Governance Contract Negotiation DPIA Cross-functional Collaboration Legal Research GDPR CCPA Risk Assessment

I am excited to apply for the Privacy Counsel position at HackerOne. With a strong background in global data protection and AI governance, I am drawn to HackerOne's mission of leading Continuous Threat Exposure Management. My experience includes conducting DPIAs, negotiating DPAs, and advising on privacy-by-design for innovative products.

I have a proven ability to work cross-functionally with product, engineering, and sales teams to deliver practical privacy guidance. I am particularly adept at applying first-principles thinking to complex regulatory questions and leveraging data-driven assessments.

HackerOne's values of customer obsession, transparency, and winning together resonate with my professional ethos. I am eager to contribute to your privacy function and support the company's growth in the AI security space.

Can you describe your experience conducting Data Protection Impact Assessments (DPIAs) for products that use AI or machine learning?
I have conducted several DPIAs for AI-driven features, including automated decision-making systems. My approach involves mapping data flows, identifying risks, and working with engineering to implement mitigations such as anonymization and transparency controls.
How do you stay updated on evolving global privacy and AI regulations?
I subscribe to regulatory updates from IAPP and major law firms, attend webinars, and participate in privacy communities. I also use AI tools to monitor changes and analyze their impact on our compliance posture.
Describe a time when you had to negotiate complex data processing terms with a customer or vendor. What was the outcome?
I negotiated a DPA with a large cloud provider where they initially refused to include audit rights. I explained our regulatory obligations and proposed a compromise involving a SOC 2 report and right to audit upon request. They agreed, and the contract was signed.
How do you balance the need for speed in product development with thorough privacy review?
I integrate privacy reviews early in the development cycle through a privacy-by-design framework. I provide clear, actionable guidance and use templated assessments for common scenarios, which allows teams to move quickly while ensuring compliance.
What is your approach to training non-legal teams on privacy topics?
I create tailored training sessions using real-world examples and avoid legal jargon. I focus on practical scenarios they encounter, such as handling customer data requests or evaluating third-party vendors, and provide easy-to-follow checklists.

HackerOne is a global leader in Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of the world’s largest community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming, and code security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprises. Industry leaders, including Anthropic, Crypto.com, General Motors, Goldman Sachs, Lufthansa, Uber, UK Ministry of Defence, and the U.S. Department of Defense, trust HackerOne to safeguard their digital ecosystems. HackerOne was recognized in Gartner’s Emerging Tech Impact Radar: AI Cybersecurity Ecosystem report for its leadership in AI Security Testing and has been named a Most Loved Workplace for Young Professionals (2024).

HackerOne is at a pivotal inflection point in the security industry. Offensive security is no longer optional – it is the standard for forward-thinking companies that want to build trust and resilience in a world where AI-driven innovation and adversaries are moving faster than ever. With the industry shifting, HackerOne stands apart: we combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world’s top organizations.

HackerOne Values

HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability.

Privacy Counsel

Remote Location: United Kingdom
Position Summary

HackerOne is seeking a Privacy Counsel to join our Privacy function to support the growing volume and complexity of global data protection, AI governance, and commercial contracting needs across the business. In this role, you will help accelerate product development, sales motions, internal procurement and cross-border data operations by providing thoughtful, practical, and globally relevant privacy support.

 

In addition to our legal and privacy teams, you will work closely with colleagues in our Product, Security, Compliance, Engineering, and Sales to deliver clear guidance, supporting privacy assessments, and review customer and vendor agreements to help us move quickly and responsibly as we grow. This is an individual contributor role ideal for a privacy lawyer who enjoys hands-on work, cross-functional collaboration, and applying structured legal thinking to emerging technologies.

 

What You Will Do

  • Apply an AI-First approach by using AI tools responsibly to improve research quality, drafting efficiency, and privacy assessment workflows.

  • Demonstrate Change Agility by adapting quickly to evolving global privacy and AI regulations, adjusting guidance as new risks, tools, or requirements emerge.

  • Use First Principles Problem Solving to simplify complex privacy questions, clarify assumptions, and provide clear, structured recommendations.

  • Leverage Data-Driven Decision Making during DPIAs,and related assessments by grounding evaluations in evidence, criteria, and regulatory expectations.

  • Support the current Privacy function with global privacy assessments, including DPIAs, AI DPIAs, TIAs, LIAs, and other structured risk reviews.

  • Review new and existing product features, AI capabilities, and data practices as part of privacy-by-design, identifying risks and opportunities early in development.

  • Draft, review, and negotiate data processing agreements (DPAs), privacy terms, and commercial contracts to support global sales and procurement.

  • Maintain and update privacy contractual documentation and internal templates and policies.

  • Create and deliver internal training on privacy and AI governance.

  • As part of the Privacy function, support internal and external privacy audits, coordinate with external advisors, and ensure alignment across business functions on assessment findings and remediation.

  • Monitor evolving privacy laws, case law, AI governance frameworks, and regulatory trends, sharing key insights with stakeholders to maintain compliance and anticipate future requirements.

 

Minimum Qualifications

  • Qualified lawyer (UK or EU) with GDPR experience PQE 5+ years (mix of in-house or private practice experience). Years matter less to us than impact. If you have relevant specialist experience, apply even if you don’t quite hit the 5+ years.

  • Strong knowledge of EU/UK GDPR and familiarity with global privacy laws (US, Middle East, Asia).

  • Experience drafting and negotiating data processing agreements and handling privacy-related issues in a global business context.

  • Proven ability to manage data breaches, regulatory notifications and privacy audits.

  • Excellent communication skills with the ability to simplify complex legal concepts for non-legal audiences.

  • Strong understanding of AI technologies, their ethical implications, and related legal frameworks.

  • Excellent analytical, problem-solving, and decision-making skills with the ability to provide practical and strategic legal advice.

  • Experience in using privacy management systems such as OneTrust is required.

  • Ability to manage multiple priorities and work collaboratively across diverse teams.

  • Comfortable working independently in a fast-paced, global environment

 

Preferred Qualifications

  • Certified Information Privacy Professional (CIPP),

  • Artificial Intelligence Governance Professional (AIGP) and other relevant certifications,

  • German language proficiency.

  • Experience in cybersecurity, offensive security, or SaaS environments.

 

Compensation Band
UK Tier: £80K – £100K • Offers Equity

 

#LI-KM1

#LI-Remote

Job Benefits:

  • Health (medical, vision, dental), life, and disability insurance*

  • Equity stock options

  • Retirement plans

  • Paid public holidays and unlimited PTO

  • Paid maternity and parental leave

  • Leaves of absence (including caregiver leave and leave under CO’s Healthy Families and Workplaces Act)

  • Employee Assistance Program

*Eligibility may differ by country

We’re committed to building a global team! For certain roles outside the United States, India, the U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.

For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

For safety tips, see our guides, and please let us know if you need any assistance.

Log in to save
You're almost done!

Create a free account with us to save a history of all jobs you've shown interest in.

You can also continue as a guest if you prefer.

Share

See a few more

Similar Legal & Compliance remote jobs

More Jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

614 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts
  • • Personal career consultant
  • • AI-powered job advice
Go to account ›