Sr. Data Privacy & Risk Counsel

About Engine: Engine is a fast-growing, highly disruptive travel and fintech platform on an ambitious mission to transform how modern corporate enterprises manage travel, dynamic expenses, and real-time cash flow. Trusted by over 30,000 businesses to support more than 1 million corporate travelers and process billions in annual bookings, Engine replaces fragmented legacy logistics with a centralized software ecosystem that brings together exclusive commercial rates, industry-leading rewards, corporate charge cards, and intelligent automation. Backed by elite institutional investors including Telescope Partners, Blackstone, and Permira, Engine has been widely honored across the industry on the Deloitte Technology Fast 500 and Built In’s Best Places to Work.

Position Overview

We are seeking a highly autonomous, legally rigorous, and regulatory-fluent Sr. Data Privacy & Risk Counsel to claim absolute strategic ownership over Engine’s corporate data privacy, AI governance architectures, and information risk compliance functions under a permanent, full-time remote layout open across the United States. In this business-critical corporate legal role, you will lead the end-to-end framework instrumentation that ensures Engine stays ahead of the evolving state and federal regulatory landscapes. Shifting completely away from routine non-regulated data transcription loops, generic frontend visual website layout configurations, or basic copy typing, you will operate an active data privacy compliance, automated rights handling (e.g., CCPA/CPRA workflows), and algorithmic risk mitigation laboratory. Partnering directly with distributed Security, Product, and Finance cells, you will provide definitive legal advisory to protect material findings through structural privilege while fostering seamless commercial growth. This position requires a privacy law authority with 4–6 years of hands-on experience (either in-house or at a designated privacy firm practice), holding a Juris Doctor (J.D.) degree with an active, uncompromised bar admission in good standing.

Key Responsibilities

• Core Privacy Architecture Governance: Formulate, coordinate, and execute innovative strategies to build and operate Engine’s enterprise-wide data privacy, compliance auditing, and risk management systems natively utilizing Legal Consultant frameworks.
• AI & Algorithmic Governance Leadership: Establish and scale structured compliance frameworks for artificial intelligence governance, automated model training evaluations, and generative tool usage limits.
• Automated Rights Workflow Engineering: Design, deploy, and supervise automated operational workflows to handle consumer privacy requests, managing programmatic compliance for CCPA, CPRA, and emerging state privacy architectures.
• Tiered Vendor Risk Compliance: Architect and direct a scalable, tiered vendor risk management program to systematically vet third-party financial tech integrations, software processors, and cloud systems.
• Cross-Functional Risk Harmonization: Collaborate face-to-face with embedded Engineering, Security, Product, and Finance cells to ensure newly launched fintech products, charge cards, and spend management services remain legally compliant.
• Strategic Legal Advisory & Support: Act as the premier internal advisor on regulatory trends, conducting deep risk evaluations and leading prompt, data-protected responses to potential data incident scenarios.
• Material Protection & Privilege: Structure and insulate analytical privacy impact assessments and data governance audits to protect corporate material discoveries through formal legal privilege parameters.

Required Skills & Qualifications

• Possess a formal Juris Doctor (J.D.) degree from an accredited law school, backed by an active, uncompromised regional Bar Admission in good standing.
• A minimum of 4–6 years of proven, successful professional history operating inside an In-House Privacy Counsel, Data Protection Officer, Senior Privacy Associate, Regulatory Risk Attorney, or closely matching tech-focused legal capacity.
• Expert Privacy Framework Command: Deep, practical working literacy and production-grade knowledge navigating CCPA, CPRA, U.S. state privacy laws, and FTC Section 5 consumer protection standards.
• Demonstrated experience building automated data compliance operations or managing complex third-party risk evaluations inside a fast-paced environment.
• Outstanding written, verbal, and visual analytical communication strengths in English, with a verified history of structuring formal legal briefs and translating intricate regulations into scannable paths for C-suite leaders.
• Location Context: Position operates under remote guidelines open exclusively to qualified privacy attorneys residing permanently within the United States.

Preferred Strategic Indicators (Nice to Have)

• Prior legal or compliance background operating natively inside the FinTech, B2B SaaS, corporate spend management, or high-volume e-commerce travel tech sectors.
• Fluent, hands-on administrative familiarity navigating modern data privacy management suites, explicitly including OneTrust platforms or matching tracking networks.
• Possess recognized professional privacy certifications (such as CIPP/US, CIPP/E, CIPM, or identical IAPP credentials).

What We Offer

• Top-Tier US Corporate Legal Compensation Matrix: A highly competitive annual base salary structure of $182,800 - $253,000 USD calibrated to your regulatory history, supplemented by attractive corporate equity allocations and performance-tied variable bonuses.
• 100% remote workspace infrastructure autonomy anywhere within the United States under our flexible hybrid-hub remote setup model.
• Direct High-Volume Fintech Governance Scale: Elite professional growth milestones achieved by directing the flagship data privacy and AI guardrails protecting information for over 1 million travelers and billions in annual bookings.
• Comprehensive health preservation benefits, providing premium medical, dental, and vision network coverage avenues alongside disability and life insurance protections.
• Access to observed national holidays, generous flexible time-off configurations, travel perks, corporate retirement match provisions, and structured merit-driven tracks across an organization honored on Built In’s Best Places to Work.