- Company Name
- Shipt
- Job Title
- Director, Counsel Privacy, Cybersecurity & AI
- Job Description
-
**Job Title**
Director, Counsel Privacy, Cybersecurity & AI
**Role Summary**
Lead the legal strategy and governance for privacy, cybersecurity, and AI across the organization. Drive program design, policy implementation, and regulatory compliance while partnering with product, engineering, and senior leadership to enable rapid, responsible innovation. Manage a small, high‑impact team and provide executive‑level counsel on data, AI, and platform risk.
**Expectations**
- Deliver strategic direction and operational execution for privacy, cybersecurity, and AI governance.
- Navigate regulatory landscapes (CCPA/CPRA, HIPAA, TCPA, GDPR) and industry frameworks (NIST, SOC 2).
- Translate complex legal requirements into actionable, risk‑reducing processes that do not impede product development.
- Provide timely legal leadership in incident response and risk mitigation.
- Serve as a trusted advisor to legal and executive leaders on long‑term data, AI, and platform strategy.
**Key Responsibilities**
1. **Privacy & Data Strategy** – Own organization‑wide privacy strategy and operating model, ensuring scalability with growth, new data uses, and evolving business models.
2. **AI Governance & Responsible Innovation** – Lead AI governance and Responsible AI programs; advise on deployment of agentic AI, automation, and decision‑support tools; identify and mitigate legal and ethical risks.
3. **Cybersecurity & Incident Leadership** – Provide executive‑level legal oversight of cybersecurity risk management; align with NIST, SOC 2, and other frameworks; lead legal response for security incidents.
4. **Team & Program Leadership** – Supervise two direct reports; build and maintain a high‑performing legal team.
5. **Strategic Advising** – Advise legal leadership and executives on data, AI, and platform strategy; contribute to long‑term business roadmaps.
**Required Skills**
- Extensive in‑house legal experience (12+ years) focused on privacy, cybersecurity, data protection, and emerging technologies.
- Strong partnership experience with product and engineering teams.
- Deep knowledge of U.S. privacy and security laws: CCPA/CPRA, HIPAA, TCPA; familiarity with global frameworks (GDPR).
- Proven ability to operate at both strategic and execution levels.
- Experience leading AI governance or Responsible AI programs in production environments (preferred).
- Excellent communication, stakeholder management, and influence skills.
**Required Education & Certifications**
- Juris Doctor (J.D.) from an accredited law school.
- Active membership in at least one U.S. state bar.
- Additional certifications in cybersecurity law, data privacy, or AI ethics are considered an advantage.
Birmingham, United states
Hybrid
02-02-2026