Privacy Governance Lead

About The Position

Requirements

• Deep working knowledge of GDPR and at least one major US state privacy regime (CCPA/CPRA, or equivalent), including how their requirements translate into operational controls at scale
• Demonstrated track record building, scaling, or transforming a privacy governance program end-to-end — policies, DPIAs, ROPAs, controls libraries, governance forums, and the operating model that supports them
• Strong written communication, with the ability to produce clear policies, board-ready reporting, and practical guidance that engineering and product teams will actually use
• Comfort owning hard cross-functional decisions and operating across legal, technical, and operational boundaries
• A privacy certification such as CIPP/E, CIPP/US, or CIPM, or equivalent demonstrated expertise

Nice To Haves

• Senior privacy governance leadership experience at a technology company operating under multiple privacy regimes simultaneously, ideally including one with novel data processing (AI/ML, large-scale platforms, or similar)
• Direct experience engaging privacy regulators, particularly EU data protection authorities or the Irish DPC, on governance matters such as inquiries, audits, or complaints
• Familiarity with AI-specific privacy considerations: training data governance, model memorization, output filtering, and the intersection with emerging AI regulation
• Experience standing up governance functions in a high-growth environment, including building from a blank page
• Demonstrated experience presenting to Audit Committees, boards, or equivalent senior governance bodies on privacy matters
• Background that bridges privacy and broader compliance disciplines (security, regulatory, ABAC, enterprise risk management)

Responsibilities

• Set the strategy and roadmap for Anthropic's privacy governance framework, including the policies, standards, and internal controls that map to GDPR, CCPA/CPRA, and other applicable global privacy regimes
• Own the privacy documentation lifecycle end-to-end — Data Protection Impact Assessments, Records of Processing, Transfer Impact Assessments, and other accountability artifacts — including the methodology, the tooling, and the quality bar
• Establish governance forums and approval workflows for privacy-significant product, research, and vendor decisions, and chair the forums where novel or high-risk questions are resolved
• Own the privacy controls testing program: define what "good" looks like, set the testing cadence, and present results to the Head of Integrity & Compliance and other leadership forums
• Partner with Privacy Legal to anticipate emerging privacy law and translate new obligations into concrete control changes ahead of enforcement
• In partnership with Legal, co-lead privacy regulator engagement on governance matters, including responses to inquiries, audits, and complaints
• Oversee the management of inputs for regulatory responses with the Privacy Program pillar
• Drive privacy training and awareness strategy for engineering, product, research, and go-to-market teams, calibrated to the actual decisions those teams make
• Represent the privacy governance function in Internal Audit reporting, and in cross-functional risk and compliance forums
• Build and develop the privacy governance team over time

Benefits

• competitive compensation
• benefits
• optional equity donation matching
• generous vacation and parental leave
• flexible working hours
• a lovely office space in which to collaborate with colleagues