Lead Privacy Counsel (AUS, NYC)

About The Position

Requirements

• J.D. degree and active bar membership in good standing.
• 10+ years of relevant privacy and data protection experience, including in-house counsel roles with U.S.-based global companies.
• Deep understanding of global privacy regulations , including GDPR , UK GDPR , CCPA/CPRA , biometric specific laws and other U.S. privacy and data security frameworks.
• Demonstrated experience leading data breach and incident response programs , including coordination with InfoSec, legal assessments, and notification requirements.
• Hands-on experience preparing and managing ROPA , DPIAs , and other GDPR compliance artifacts.
• Practical, risk-based mindset and strong organizational skills—comfortable building scalable systems that reduce redundancy and ensure compliance.
• Ability to distill complex regulatory requirements into clear, actionable advice tailored for business partners.
• Strong interpersonal and communication skills with a proven track record of influencing and collaborating across diverse global teams, including the ability to present to and advise senior leaders across the organization
• Deep alignment with Bumble’s mission, values, and global focus.

Responsibilities

• Lead Bumble’s incident response and data breach management program , including investigation protocols, notification assessments, regulatory reporting, and post-incident remediation.
• Build and scale efficient, cross-functional privacy compliance programs aligned with global frameworks including GDPR , UK DPA , CCPA/CPRA , and other U.S. state-level privacy laws.
• Own and maintain core GDPR compliance documentation , including Records of Processing Activities (ROPA) , Data Protection Impact Assessments (DPIAs) , and Lawful Basis assessments and draft and negotiate Data Processing Agreements.
• Partner closely with InfoSec , Product , and Engineering teams to ensure security safeguards, privacy-by-design, and clear roles and responsibilities in incident preparedness.
• Partner closely with the member support function to respond to requests from members for access to or deletion of their data, and assist on (i) regulatory investigations from regulators in the US, UK and EU; and (ii) member claims in civil courts, in relation to Bumble’s response to members’ requests.
• Collaborate with internal Legal colleagues to ensure privacy compliance is integrated into wider compliance and regulatory strategies (e.g., marketing, consumer protection, international transfers), and advise other teams in the business on how to perform their functions in a manner that complies with data protection laws (e.g. marketing, advertising, communications and HR teams).
• Develop and lead a talented privacy advisor who plays a key role in ensuring the protection of our member’s data.
• Develop and deliver privacy policies, playbooks, templates, and training materials that promote awareness and enable operational consistency.
• Stay abreast of privacy and data security trends and regulatory changes, and assess their practical impact on Bumble’s global operations.
• Promote a member-first approach to privacy that aligns with Bumble’s values and business priorities.