Privacy/AI Counsel - 12 month contract

This opportunity allows you to work with our largest enterprise customers, candidates, data privacy institutions, and internal teams. You will be responsible for the following activities:

• Strategic Legal Advisor: serve as a subject-matter expert on the evolving AI,  global privacy and security landscape. Translate complex legal developments, enforcement actions, and best practices into clear, actionable guidance for both legal and technical leadership.

• Post-Acquisition Governance: be a key stakeholder in  the AI,  privacy and security consolidation for SmartRecruiters as a newly acquired SAP company. Drive cross-entity collaboration to harmonize data protection standards, review legacy processes, and build scalable governance frameworks that align with parent-company requirements.

• Sales Enablement: Develop and maintain high-impact, internal and external-facing privacy and AI collateral and FAQs to empower the Sales organization, accelerate deal cycles,  in achieving company financial and product goals.

• Privacy by Design: providing daily support to the Product Team on topics such as data retention, international data transfers, telecommunications (SMS/Emailing), Privacy in AI systems, legal basis, data retention, UX reviews (dark patterns), TOMs. Provide clear product recommendations. Train and maintain related policies. 

• Cross-Functional Counsel: Provide specialized AI, privacy and security expertise to support broader legal advocacy across the organization, including Executive, Corporate, Employment, Product, and Commercial teams at SmartRecruiters and SAP

• Cybersecurity Governance: Drive complex, cross-functional cybersecurity legal initiatives (e.g., implementing new regulatory frameworks) with clear milestones and measurable outcomes. Own the continuous improvement of incident response policies and playbooks to meet global data protection standards.

• Daily Compliance: Oversee the end-to-end management of Data Subject Rights (DSRs), cookie consent across web and cloud applications, and the maintenance of the Register of Processing Activities (RoPA), particularly within an M&A context.

• Technical Risk Assessment: Lead the execution of DPIAs and PIAs, collaborating directly with Product and Engineering teams to embed privacy-by-design into the development lifecycle.

• Be an amazing Smartian that exemplifies our values and everybody loves working with daily

We expect the competencies in the following areas:

• 3+ years of in-house experience (or equivalent) in AI,  data security, data privacy, data protection and governance.  Preferably in a SaaS environment. 

• Proven in-depth knowledge of the GDPR, European data protection laws, Data Protection Authorities guidelines and EU Directives (such as ePrivacy Directive). 

• Deep understanding of the evolving AI landscape,  including the EU AI Act  and a proven ability to navigate the complex intersection of global privacy laws and AI-driven product development.

• Good understanding of Data Privacy legislation in other countries outside of the EU (US States, NYC AEDT 144, Canada, China,, Australia, etc.)

• Exceptional skills in translating legal complexities into actionable business insights for diverse stakeholders, moving beyond "law-firm" speak to partner effectively with the business.

• Hands-on understanding of modern, large-scale infrastructure (e.g., cloud, microservices, and incident management tools) to effectively assess legal risks and drive incident response.

• Experience in working with Product, Engineering, and Sales Teams in a regulated environment. 

• CIPP/CIPM/CIPT or similar certificates preferred

• Ability to translate legal requirements into guidance for product development

• Excellent communication & summarization of complex privacy topics to the Executive Management.

• Excellent business-oriented judgment. 

• Fluent in English and German is a plus

SmartRecruiters is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. your information will be kept confidential according to EEO guidelines.