SI
HR Operations & Administration
Company
SmartRecruiters Inc
Location
Remote, Germany
Employment type
Contract
Seniority
Mid level
Primary category
HR Operations & Administration
Posted date
7 Apr 2026
Valid through
6 Jun 2026
This opportunity allows you to work with our largest enterprise customers, candidates, data privacy institutions, and internal teams. You will be responsible for the following activities:
Strategic Legal Advisor: serve as a subject-matter expert on the evolving AI, global privacy and security landscape. Translate complex legal developments, enforcement actions, and best practices into clear, actionable guidance for both legal and technical leadership.
Post-Acquisition Governance: be a key stakeholder in the AI, privacy and security consolidation for SmartRecruiters as a newly acquired SAP company. Drive cross-entity collaboration to harmonize data protection standards, review legacy processes, and build scalable governance frameworks that align with parent-company requirements.
Sales Enablement: Develop and maintain high-impact, internal and external-facing privacy and AI collateral and FAQs to empower the Sales organization, accelerate deal cycles, in achieving company financial and product goals.
Privacy by Design: providing daily support to the Product Team on topics such as data retention, international data transfers, telecommunications (SMS/Emailing), Privacy in AI systems, legal basis, data retention, UX reviews (dark patterns), TOMs. Provide clear product recommendations. Train and maintain related policies.
Cross-Functional Counsel: Provide specialized AI, privacy and security expertise to support broader legal advocacy across the organization, including Executive, Corporate, Employment, Product, and Commercial teams at SmartRecruiters and SAP
Cybersecurity Governance: Drive complex, cross-functional cybersecurity legal initiatives (e.g., implementing new regulatory frameworks) with clear milestones and measurable outcomes. Own the continuous improvement of incident response policies and playbooks to meet global data protection standards.
Daily Compliance: Oversee the end-to-end management of Data Subject Rights (DSRs), cookie consent across web and cloud applications, and the maintenance of the Register of Processing Activities (RoPA), particularly within an M&A context.
Technical Risk Assessment: Lead the execution of DPIAs and PIAs, collaborating directly with Product and Engineering teams to embed privacy-by-design into the development lifecycle.