Lead Privacy Counsel, Infrastructure & Data Governance

About this team and role

We are seeking a strategic, pragmatic, and proactive Privacy Counsel to join our privacy legal team! This role will focus primarily on building, operationalizing, and maintaining Mozilla’s core privacy compliance infrastructure and scalable privacy governance processes across our global organization. Working remotely, you will serve as frontline privacy counsel for internal privacy matters, advising teams across Mozilla on operational privacy risks, enterprise data governance, third-party risk management, and incident response.

This is a highly collaborative and execution-oriented role for someone who thrives in ambiguity, takes ownership of complex initiatives, and can independently drive programs from strategy through implementation.

What you'll do

• Lead the development, implementation, and ongoing maintenance of Mozilla’s core privacy compliance infrastructure, including enterprise data mapping and records of processing activities.
• Independently drive complex cross-functional privacy initiatives and operationalize scalable governance processes with minimal oversight.
• Evaluate and advise on evolving U.S., European, and international privacy and AI related regulatory developments and industry guidelines relevant to enterprise operations and internal data governance.
• Design and operationalize scalable global privacy compliance processes, controls, and documentation frameworks across Mozilla’s internal systems and enterprise functions.
• Manage and advise on third-party privacy risk assessments, including vendor DPIAs, LIAs, TIAs, and related due diligence processes.
• Support and help manage Mozilla’s privacy incident response program, including triage, risk assessment, escalation management, and remediation coordination.
• Develop scalable training, intake, and operational processes to improve organizational privacy maturity and reduce friction for internal stakeholders.
• Provide privacy advice in M&A transactions and post-close integration activities.

What you'll bring

• J.D. degree and membership in a state bar with good standing (or foreign equivalent).
• 8+ years of relevant legal experience, including substantial experience advising on global privacy and data governance matters as in-house counsel.
• Demonstrated experience building and maintaining privacy compliance infrastructure, including data mapping, records of processing activities, governance frameworks, and risk rubrics.
• Demonstrated ability to operate independently, take ownership of complex cross-functional initiatives, and drive practical, scalable outcomes.
• Ability to balance multiple projects simultaneously and build consensus across cross-functional teams.
• Excellent written and verbal communication skills with the ability to distill nuanced concepts for diverse audiences.

Bonus points for

• Experience with privacy engineering, governance tooling, or automated compliance workflows.
• Experience supporting incident response or privacy investigations.
• High fluency in internet technologies and software development.
• CIPP or related certifications.