Rodeo
ResourcesPartnersSign in

Cognism

Lead Privacy Counsel

London
Posted about 14 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

The Role

Data compliance is not a peripheral function here — it sits at the heart of the product and the business model. As the company matures and invests in its legal and governance infrastructure, this role has been created to lead and embed a privacy function that is genuinely robust, not just defensible on paper.

Reporting to the CLO, this is a hands-on leadership role with real scope and immediate impact. You will be the primary privacy resource in-house, leading and driving core privacy workstreams across the business, from policy and governance through to privacy by design, AI governance, and training.

This is an opportunity to build something. You will shape the privacy function around genuine business need, working directly with product, engineering, sales, marketing and HR. You will be expected to lead workstreams, not just support them.

What You Will Do

  • Privacy governance and policy - own the full suite of privacy policies, frameworks and governance documentation; build and operationalise a data retention framework; maintain the ROPA and privacy notices; support internal and external audits; manage the subject rights process and privacy incidents end-to-end.
  • Privacy by design - embed a privacy by design programme across product and engineering; develop practical frameworks that allow fast-moving teams to build compliantly; act as the primary legal voice in product development cycles; work directly with engineering to translate legal requirements into implemented solutions.
  • AI strategy and implementation - lead the development of an AI governance framework; advise on privacy implications of AI tools and features; lead DPIAs for AI-related processing; keep the business ahead of regulatory change in this space.
  • Global data complexity - progress Transfer Impact Assessments for non-EEA transfers; support jurisdiction-specific compliance requirements; work with engineering on data dictionary and field-level mapping.
  • Vendor governance - refine the DDQ process; manage vendor audit cadence; review and negotiate DPAs.
  • Training and engagement - design and deliver a refreshed privacy training programme across the business; build genuine privacy literacy, not tick-box compliance; be the adviser people actually want to call.
  • Commercial support - advise on data protection aspects of contracts and supplier arrangements; support the wider legal team on matters with a data dimension.
  • Advise and influence senior leadership, including at C-suite level, on privacy risk, strategy and business impact; translate complex privacy issues into clear, actionable guidance that executives can act on.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

About You

You are a qualified solicitor with 5–8 years' PQE and a strong privacy specialism. You have genuine in-house experience and have owned and delivered privacy workstreams, not just advised on them. You are ready to lead a function, and you want the platform to build something properly rather than inherit someone else's structure.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

You are comfortable working with engineering and product teams, and you understand that implementation matters as much as the legal analysis behind it. You bring sound judgment, a commercial mindset, and the ability to work autonomously in a complex, fast-moving environment. You are calm and structured under pressure.

Essential:

  • Qualified solicitor (England & Wales or equivalent)
  • 5–8 years' PQE in data protection / privacy law
  • In-house experience owning and delivering privacy programmes end-to-end
  • Practical grounding in UK GDPR, EU GDPR, CCPA, EU AI Act and international transfers
  • Experience working directly with engineering or product teams
  • AI governance experience - essential, not desirable
  • Ready to step into a leadership role and build a function

Desirable:

  • Background in B2B data, adtech or a business where data is the product
  • Experience with DSAR automation tooling
  • International privacy experience beyond UK/EU
  • Direct ICO or DPA engagement
  • CIPP/E or equivalent qualification

What This Role Is and Isn't

✅ A leadership role with genuine scope to build a privacy function from a strong foundation

✅ Suited to someone stepping into their first Head of Function role who wants to own something, not inherit it

✅ Execution-focused — you will lead workstreams hands-on, not manage others doing them

🚫 Not a DPO role

🚫 Not a large-team leadership position

🚫 Not a role for someone who advises but does not implement

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Privacy Law
Data Protection
GDPR
AI Governance
Policy Development
Compliance
Legal Analysis
Training
Vendor Management
Risk Management
Data Retention
Subject Rights
Incident Management
Stakeholder Engagement
Contract Review
DPIA

Location

London, England, United Kingdom

Sign up to applySee more jobs like this