Senior Counsel, Data Privacy

About Airwallex

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software we empower over 200000 businesses worldwide including Brex Rippling Navan Qantas SHEIN and many more with fully integrated solutions to manage everything from business accounts payments spend management and treasury to embedded finance at a global scale.

Proudly founded in Melbourne we have a team of over 2000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price Visa Mastercard Robinhood Ventures Sequoia Salesforce Ventures DST Global and Lone Pine Capital Airwallex is leading the charge in building the global payments and financial platform of the future. If youre ready to do the most ambitious work of your career join us.

Attributes We Value

We hire successful builders with founder-like energy who want real impact accelerated learning and true ownership. You bring strong role-related expertise and sharp thinking and youre motivated by our mission and operating principles. You move fast with good judgment dig deep with curiosity and make decisions from first principles balancing speed and rigor.

Youre humble and collaborative; turn zerotoone ideas into real products and you get stuff done end-to-end. You use AI to work smarter and solve problems faster. Here youll tackle complex highvisibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you lets build whats next.

About the team

The Legal Risk & Compliance (LRC) team at Airwallex is a collaborative group of legal and compliance minds and risk management experts. Were passionate about safeguarding Airwallexs operations fostering a culture of compliance and ethical conduct and ensuring we navigate the global financial landscape with integrity. We provide expert guidance and support to all areas of the business proactively identifying mitigating and managing legal and financial risks.

Within LRC the Data & Privacy team provides specialist guidance on data protection data privacy data governance and AI partnering closely with other LRC teams as well as Product Engineering Information Security Operations and other business units across all regions. We support a global financial platform handling large volumes of customer and enduser data under financialservices regulation and data protection laws worldwide. Strong data protection practices are therefore essential for regulatory and customer trust and for our brand.

What youll do

You will join as Senior Lead Counsel Data & Privacy with primary responsibility for data and privacy legal and regulatory matters across the US and broader Americas. You will be a key partner to senior stakeholders on topics spanning data protection AI cybersecurity crossborder data access and US financial privacy regulation. Youll help shape and execute Airwallexs data and privacy strategy in the Americas region design scalable compliance approaches for complex fintech and AIdriven products and translate fastmoving regulatory requirements into pragmatic solutions that enable growth.

This role is based in Seattle.

Responsibilities:

• Serve as lead data and privacy counsel for the US and Americas region providing riskbased businessoriented advice on US Canada and South American data protection AI and cybersecurity issues (including crossborder access and nationalsecurityadjacent topics) grounded in global data protection regulation and frameworks.

• Spearhead AI governance development and implementation globally providing guidance on relevant global and US AI frameworks and executing a fit-for-purpose AI governance approach at Airwallex including developing and implementing AI policies procedures privacy-related AI mitigations and accountability frameworks.

• Develop and help execute privacy and data protection compliance programs for the Americas specifically focused on compliance with US federal and state consumer financial privacy frameworks (GLBA FCRA CalFIPA) compliance Executive Order 14117 and comprehensive state privacy compliance.

• Partner closely with Product Engineering Information Security Regulatory Legal Regulatory Compliance Commercial Legal and Risk to embed privacy and securitybydesign in product development technical architecture UX and gotomarket including by spearheading DPIAs/PIAs AI risk assessments and other privacy impact assessments.

• Draft review and negotiate complex data protection and datasharing terms (including DPAs crossborder transfer terms and AIrelated clauses) with customers vendors financial partners and other third parties acting as an escalation point for highrisk matters.

• Coordinate and oversee international data flows touching the Americas ensuring appropriate transfer tools and governance (e.g. SCCs or equivalent) and supporting initiatives on data localisation storage and access controls.

• Colead the privacy and dataprotection workstream for security and data incidents related to the Americas with Information Security and other stakeholders including triage investigation regulatory and customer notifications remediation and lessons learned.

• Advise on highrisk or novel processing activities (e.g. new AI use cases advanced analytics innovative platform and embeddedfinance data models) helping structure appropriate safeguards governance and documentation.

• Support interactions with US and Americas regulators and policymakers on privacy cybersecurity dataaccess and related topics in close coordination with Regulatory Legal and Regulatory Compliance.

• Help build and refine tools and processes for privacy workflows (e.g. intake assessment DPIA/PIA/DPIA for AI ROPA DSRs) including the use of specialist tooling metrics and dashboards to track and evidence compliance.

• Contribute to training and enablement for Product Engineering Sales Operations and other teams on privacy data AI and cybersecurity topics using playbooks guidance and officehours to make it easy to do the right thing by default.

Who you are

Were looking for people who meet the minimum requirements for this role. The preferred qualifications are great to have but are not mandatory.

Minimum qualifications:

• U.S. legal qualification (or foreign equivalent) and active license to practice in at least one US jurisdiction.

• 8 years of experience in an inhouse legal department and/or in private practice advising on technology data and privacy issues related to technical platforms and products.

• Strong knowledge of US federal and state privacy and datasecurity laws (such as CCPA/CPRA and GLBA/Reg P) and how they intersect with payments and broader financialservices regulation plus working knowledge of GDPR and Canadian/South American privacy requirements (such as LGPD).

• Experience providing guidance on US related privacy adtech requirements and technologies including varying consent frameworks under US state privacy laws and operationalizing consent management requirements.

• Demonstrated experience partnering with technical teams (Product Engineering Information Security) to translate legal and regulatory requirements into practical technical designs controls and processes.

• Demonstrated experience advising on emerging US and global AI legal requirements and AIgovernance best practices and experience advising on AI/ML tools vendors or products from a privacy and dataprotection perspective.

• Experience providing data and privacy legal support during security or privacy incidents including incident assessment notification analysis and remediation planning.

• Excellent written and verbal communication skills with the ability to explain complex legal concepts to nonlawyers and senior executives and to drive clear decisions in ambiguous timesensitive situations.

• High degree of ownership resilience and pragmatism; comfortable working in a fastpaced highgrowth fintech environment and managing multiple complex matters in parallel.

Preferred qualifications:

• Experience advising on data privacy AI and cybersecurity issues in financial services payments or fintech including US financialprivacy rules and nationalsecurityadjacent dataaccess considerations.

• Experience interacting with regulators (privacy regulators financial regulators or other authorities) on privacy cybersecurity AI or dataaccess issues whether in supervisory licensing or enforcement contexts.

• Experience contributing to or leading elements of a global privacy program (such as acting as or supporting a DPOstyle function or building regional privacy frameworks and playbooks).

• Relevant privacy and/or AI certifications (e.g. CIPP/US CIPP/E CIPM AIGP) or demonstrably equivalent experience in global privacy program design and execution.

• Prior inhouse experience at a rapidly scaling tech or fintech company and working with globally distributed teams across time zones.

Applicant Safety Policy: Fraud and Third-Party Recruiters

To protect you from recruitment scams please be aware that Airwallex will not ask for bank details sensitive ID numbers (i.e. passport) or any form of payment during the application or interview process. All official communication will come from an @ email address. Please apply only through or our official LinkedIn page.

Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition regardless of any other provision to the contrary.

Equal opportunity

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit qualifications competence and talent. We dont regard color religion race national origin sexual orientation ancestry citizenship sex marital or family status disability gender or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation please let us know.

Required Experience:

Senior IC