HarnessVerified Employer

Business Services & Consulting • all cities, DC 8

Counsel - Privacy, Security & AI Office (8)

all cities, DC 8On-sitePosted 1 day ago

Business Services & Consulting

About the Role

Counsel – Privacy, Security & AI Office

We are seeking an experienced and strategic Counsel to join our Privacy, Security & AI (PSAI) Office. In this role, you will play a critical part in guiding our product and AI compliance, supporting global privacy and data protection strategy, and helping shape the company's approach to responsible and ethical data use.

You'll advise senior leadership, collaborate with cross-functional stakeholders, and help ensure that our data practices are aligned with global legal and regulatory obligations, including those emerging around AI governance and advanced technologies.

About the role:

Support the development and implementation of the AI Governance Program
Draft and implement AI policies, procedures, and best practices for both internal use of AI and product development
Lead internal awareness campaigns to foster a culture of responsible AI across the organization.
Support AI Use Case Intake Assessments
Provide AI advice to key stakeholders (product, procurement)
Support customers queries and questionnaires

Product Compliance

Collaborate closely with product and engineering teams to evaluate and mitigate privacy and AI compliance risks during development and deployment.
Review and assess AI/ML use cases for compliance with legal and ethical standards, including EU AI Act, OECD AI Principles, and NIST AI RMF.
Contribute to development of governance frameworks for responsible AI, including fairness, explainability, and accountability controls.

Privacy & Data Protection Legal Strategy

Lead complex legal analysis and provide strategic privacy advice on global data protection laws (e.g., GDPR, CCPA/CPRA, LGPD, PIPEDA, APPI), with a main focus on US federal and state privacy and EU GDPR
Guide business and technical teams on lawful bases for processing, purpose limitation, transparency, and data minimization.
Evaluate and advise on complex personal data use cases, including sensitive data, automated decision-making, and biometric processing.
Implement best practices around privacy to ensure the competitive edge of the company
Draft and review breach-related communications, including regulator and data subject notices.
Conduct privacy reviews for third-party vendors and tools to ensure alignment with internal standards and legal requirements.
Drive the development, maintenance, and enhancement of the company's privacy compliance program.
Maintain and oversee updates to the Records of Processing Activities (ROPA), and ensure accountability documentation is current and complete.
Partner with security, compliance, and product teams to integrate privacy by design into internal processes and external-facing technologies.
Lead and advise on complex Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
Oversee and conduct Transfer Impact Assessments (TIAs) to assess and document data transfer risks.
Manage Legitimate Interests Assessments (LIAs) and ensure robust justification and safeguards are in place.
Identify privacy and AI-related risks and recommend scalable mitigation strategies across the organization.

Audits, Monitoring & Regulatory Readiness

Support or lead the legal function in responding to privacy audits, regulator inquiries, and due diligence requests.
Prepare documentation, gap analyses, and remediation plans to ensure audit readiness.
Track and interpret global privacy and AI regulatory developments, and support internal implementation efforts.

About you:

Required:

Qualified lawyer (active bar membership in at least one jurisdiction).
1-3+ years of legal experience, with a focus on privacy, data protection, and technology law.
Deep understanding of GDPR, CCPA/CPRA, and global privacy frameworks.
Preferred experience with FedRamp, PCI DSS and ISO frameworks
Extensive experience with PIAs/DPIAs, TIAs, LIAs, and cross-border data transfer mechanisms.
Strong understanding of privacy issues in product development, data science, and AI applications.

Preferred:

CIPP/E, CIPP/US and AIGP
Direct experience working with or interpreting AI legal and regulatory frameworks (e.g., EU AI Act).
Strong negotiation skills, particularly in data protection clauses and international data transfer agreements.

Work Location:

Remote within France, Spain, Germany, or the UK

Harness in the news:

Accelerating Our Mission to Bring AI to Everything After Code
Goldman Sachs leads investment in software delivery startup Harness at $5.5 billion valuation
How Harness runs 16 "startups within a startup" at scale | Jyoti Bansal
Harness Research Shows AI Visibility Crisis Fueling Security Nightmare
Harness has been named to the Inc. Power Partner list for software delivery success

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.

At Harness, we care about your privacy and are committed to protecting your personal data. For additional information on this topic, you can visit our privacy Portal.

Note on Fraudulent Recruiting/Offers

We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers.

Please note, we do not ask for sensitive or financial information via chat, text, or social media, and any email communications will come from the domain @harness.io. Additionally, Harness will never ask for any payment, fee to be paid, or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.

If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness, please do not provide any personal or financial information and contact us immediately at security@harness.io. You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commission's website, or you can contact your local law enforcement agency.

Counsel – Privacy, Security & AI Office

About the role:

Support the development and implementation of the AI Governance Program
Draft and implement AI policies, procedures, and best practices for both internal use of AI and product development
Lead internal awareness campaigns to foster a culture of responsible AI across the organization.
Support AI Use Case Intake Assessments
Provide AI advice to key stakeholders (product, procurement)
Support customers queries and questionnaires

Product Compliance

Collaborate closely with product and engineering teams to evaluate and mitigate privacy and AI compliance risks during development and deployment.
Review and assess AI/ML use cases for compliance with legal and ethical standards, including EU AI Act, OECD AI Principles, and NIST AI RMF.
Contribute to development of governance frameworks for responsible AI, including fairness, explainability, and accountability controls.

Privacy & Data Protection Legal Strategy

Lead complex legal analysis and provide strategic privacy advice on global data protection laws (e.g., GDPR, CCPA/CPRA, LGPD, PIPEDA, APPI), with a main focus on US federal and state privacy and EU GDPR
Guide business and technical teams on lawful bases for processing, purpose limitation, transparency, and data minimization.
Evaluate and advise on complex personal data use cases, including sensitive data, automated decision-making, and biometric processing.
Implement best practices around privacy to ensure the competitive edge of the company
Draft and review breach-related communications, including regulator and data subject notices.
Conduct privacy reviews for third-party vendors and tools to ensure alignment with internal standards and legal requirements.
Drive the development, maintenance, and enhancement of the company's privacy compliance program.
Maintain and oversee updates to the Records of Processing Activities (ROPA), and ensure accountability documentation is current and complete.
Partner with security, compliance, and product teams to integrate privacy by design into internal processes and external-facing technologies.
Lead and advise on complex Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
Oversee and conduct Transfer Impact Assessments (TIAs) to assess and document data transfer risks.
Manage Legitimate Interests Assessments (LIAs) and ensure robust justification and safeguards are in place.
Identify privacy and AI-related risks and recommend scalable mitigation strategies across the organization.

Audits, Monitoring & Regulatory Readiness

Support or lead the legal function in responding to privacy audits, regulator inquiries, and due diligence requests.
Prepare documentation, gap analyses, and remediation plans to ensure audit readiness.
Track and interpret global privacy and AI regulatory developments, and support internal implementation efforts.

About you:

Required:

Qualified lawyer (active bar membership in at least one jurisdiction).
1-3+ years of legal experience, with a focus on privacy, data protection, and technology law.
Deep understanding of GDPR, CCPA/CPRA, and global privacy frameworks.
Preferred experience with FedRamp, PCI DSS and ISO frameworks
Extensive experience with PIAs/DPIAs, TIAs, LIAs, and cross-border data transfer mechanisms.
Strong understanding of privacy issues in product development, data science, and AI applications.

Preferred:

CIPP/E, CIPP/US and AIGP
Direct experience working with or interpreting AI legal and regulatory frameworks (e.g., EU AI Act).
Strong negotiation skills, particularly in data protection clauses and international data transfer agreements.

Work Location:

Remote within France, Spain, Germany, or the UK

Harness in the news:

Accelerating Our Mission to Bring AI to Everything After Code
Goldman Sachs leads investment in software delivery startup Harness at $5.5 billion valuation
How Harness runs 16 "startups within a startup" at scale | Jyoti Bansal
Harness Research Shows AI Visibility Crisis Fueling Security Nightmare
Harness has been named to the Inc. Power Partner list for software delivery success

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.

At Harness, we care about your privacy and are committed to protecting your personal data. For additional information on this topic, you can visit our privacy Portal.

Note on Fraudulent Recruiting/Offers

What You'll Do

Support the development and implementation of the AI Governance Program

Draft and implement AI policies, procedures, and best practices for both internal use of AI and product development

Lead internal awareness campaigns to foster a culture of responsible AI across the organization.

Support AI Use Case Intake Assessments

Provide AI advice to key stakeholders (product, procurement)

Support customers queries and questionnaires

Skills & Technologies

Business Services & Consulting

Overview

Counsel - Privacy, Security & AI Office (8)

About the Role

Counsel – Privacy, Security & AI Office

What You'll Do

Skills & Technologies