Senior Counsel, Privacy & Product

About The Position

Requirements

• Juris Doctor (JD) degree and active membership in at least one U.S. state bar.
• 8+ years of experience practicing law, including at least 3 years advising technology companies.
• Expertise in data privacy laws, including GDPR and CCPA/CPRA, and familiarity with AI governance frameworks.
• Strong understanding of software development and open-source licensing (e.g., MIT, Apache, GPL).
• Proven ability to provide practical, risk-based advice in a fast-paced enterprise software environment.
• Excellent communication, drafting, and cross-functional collaboration skills.
• Proven experience in creating and implementing formal data privacy initiatives at a fast-moving software company, including instituting the programs and cross-functional liaisons necessary to ensure data privacy at all levels of an organization.
• Experience in supporting commercial negotiations for data privacy issues, including by being a trusted resource to discuss such issues with high-value customers and to provide institutional guidance and risk assessments to the legal and business teams on reasonable positions Redwood may take under various data privacy laws.
• Demonstrated ability to build effective working relationships with colleagues across departments, especially Product, Security, Sales, HR, and senior management. Strong ability to influence business decisions through legal expertise and collaboration

Nice To Haves

• Experience working with SaaS, cloud, or AI/ML-based products.
• Must be IAPP certified with a CIPP/E, with CIPP/US being a plus.
• Prior in-house counsel experience at a technology company.

Responsibilities

• Advise on product design, deployment, and lifecycle management, ensuring compliance with applicable laws (including data protection, consumer protection, and AI-related regulations).
• Provide expert guidance on global privacy frameworks (e.g., GDPR, CCPA, DORA, EU Data Act, and emerging AI governance laws like the EU AI Act). Help design and implement privacy-by-design principles and internal policies.
• Evaluate AI use cases, model usage governance, and generative AI product features for regulatory and intellectual property risks.
• Counsel engineering teams on open-source license requirements, contributions, and usage.
• Track evolving technology regulations (AI, data privacy, cybersecurity) and help guide the company’s compliance approach.
• Collaborate with the commercial legal team to negotiate and draft data protection addenda, licensing terms, and AI-related clauses.
• Develop and deliver internal training for cross-functional teams on privacy, AI, and technology law developments.