Sumsub is a leading full-cycle verification platform that enables scalable compliance. From identity and business verification to ongoing monitoring, our platform adapts to different risk appetites and market demands, ensuring global compliance. It allows customizing analytics and workflows with a no-code interface.
Over 4,000 clients — including Bitpanda, Wirex, Avis, Bybit, Vodafone, Duolingo, Kaizen Gaming, and TransferGo — trust Sumsub to accelerate growth, prevent fraud, and maintain compliance worldwide.
Now we are looking for a Legal Counsel (Privacy & Data Protection) to join our Data Protection team. As a key member of our global legal team, you will play a pivotal role in shaping and implementing cutting-edge data protection, security, and privacy policies, ensuring compliance across the EMEA, APAC, US and other regions. You will also be responsible for keeping abreast of emerging data protection legislation affecting the regions in which we provide service.
What You Will Be Doing:
* Maintain and update data protection, security, and privacy policies and procedures, and ensure effective consent management.
* Assist with data deletion and DSARs, and respond to privacy-related queries with timely and pragmatic advice.
* Support the review and drafting of data protection contractual terms in agreements with customers and suppliers, including DPAs, DTAs, and other relevant agreements.
* Assist with the onboarding of new technologies and / or vendors.
* Maintaining Records of Processing Activities (ROPA), conducting Data Protection Impact Assessments (DPIAs), and performing Legitimate Interest Assessments (LIAs) to ensure compliance with GDPR and support privacy-by-design across the organization.
* Monitor emerging data protection legislation and oversee data processing registrations across jurisdictions.
* Deliver (or oversee delivery of) GDPR training (in some cases bespoke to the business team) to a new starters, carry out ad-hoc training related to data storage, retention, sharing and deletion of all data.
* Support the maintenance of the firm's ISO 27001, ISO 27701, GDPR, UK GDPR and other data privacy certifications.
About you:
* 5+ years of practical experience of applying relevant data protection and privacy legislation (GDPR, UK GDPR etc.) ideally within tech companies operating on a global scale.
* You are a self-starter who can quickly understand the company's operations and work independently with minimal supervision.
* IAPP CIPP/E, CIPM or CIPT or equivalent certification is desirable.
* A general understanding of technology and security issues impacting privacy projects and programs.
* A genuine interest and desire to work in the privacy field.
* Awareness of ongoing and recent developments across the privacy landscape.
* Attention to detail and commitment to quality, strong written and verbal communication skills.
* Team-focused with a passion for learning, excellence and continuous improvement.
* Strong problem-solving abilities, flexible, able to navigate transformational growth and ambiguity, show initiative and anticipate needs, and able to focus on multiple workstreams at once.
* Experience handling cross-border data privacy matters and implementing local regulatory requirements.
What We Offer:
* Remote-first, trust-based culture. Work from the place that works best for you. No mandatory office days, no attendance trackers. In some locations, we provide offices or coworking spaces, but the choice is yours.
* True flexibility. We do not fix you to a 9-to-5 schedule. You can adjust your working hours when needed, as long as your day stays productive and in sync with the team.
* Extra time off. Your birthday is a holiday here. Add to that 10 personal days each year, seven sick days without paperwork, and extra time to enjoy Christmas and New Year. Time to rest is part of the deal.
* Work that matters. Our mission is to build a digital world that is secure, accessible and inclusive for everyone. From fighting fraud to making online services easier and safer to use, your work will have a real impact on how people experience trust online.
* Compensation. We offer fair and transparent pay, benchmarked to the market.
* Truly global. We work across continents and time zones, with teammates and customers from all over the world. You will run campaigns that cross borders, cultures, and languages, and see your ideas land worldwide.
* Growth built in. Clear goals, open feedback and personal development plans. We support your progress with learning opportunities and by covering role-specific events, from design conferences to marketing forums.
* Team offsites. Sometimes just Slack is not enough. That is why we meet in person a few times a year. Trips are fully covered, so you can meet, collaborate, and recharge together.
* Getting you set up. We make sure you have access to the tools and hardware you need to do your work well.
* Friendly by design. Our logo is a dog for a reason. We keep things human, open and kind. We welcome individuality, quirks and different perspectives, because that is what makes our work smarter and more fun.
The hiring stages: TA screening -> Hiring Manager Interview -> Assignment.
Sounds like a great opportunity for your career development? Then go ahead and apply
We are a global community of innovators, creators, and thinkers, and we believe that diversity fuels our innovation. Sumsub is proud to be an equal opportunity employer, committed to building a diverse and inclusive workforce. We welcome applications from people of all backgrounds, cultures, genders, experiences, abilities and perspectives. Join us in shaping the future inclusively.