Director, Legal - Privacy, Cybersecurity and AI Governance

Want to help us, help others? We’re hiring! 

GoFundMe is a global community of over 150 million people who come together every day with the common purpose of helping one another. Our mission is to help people help each other through our best in class technology. In 2022, GoFundMe joined together with Classy, a leading nonprofit fundraising software company that enables nonprofits to connect supporters with the causes they care about. Together, we have empowered people and organizations to raise more than $30 billion since 2010. Our vision is to become the most helpful place in the world.

Join us! GoFundMe is seeking a Director Legal, Privacy, Cybersecurity and AI Governance to manage and scale our privacy and AI governance programs and support our security team. This role will oversee the continued development of AI governance, ensure compliance with global privacy regulations, support product teams on privacy matters, support the security team on all incident response matters and provide strategic guidance on privacy and AI-related contractual issues. The ideal candidate will have deep expertise in privacy and cybersecurity law, AI governance, and data protection, as well as strong leadership skills to mentor and manage a team.

The Job…

• Leadership & Strategy:
  • Lead and develop a team of three privacy professionals, ensuring strong execution of privacy and AI governance initiatives.
  • Lead communication and collaboration with product, engineering, security, and marketing teams to operationalize privacy and AI governance policies.
  • Report out to leadership regularly on progress of key privacy, cybersecurity, and AI governance risks, developments, and compliance initiatives. 
    
• Privacy & Data Protection Compliance:
  
  • Support the Product team by advising on privacy-by-design strategies, data protection impact assessments (DPIAs), records of processing activities (ROPAs), and other compliance matters.
  • Oversee privacy-related policies, including Data Subject Requests, vendor diligence, and marketing consent management.
  • Work with engineering and security teams on data protection by design, cookie compliance, and incident response.
• AI Governance & Responsible AI Strategy:
  
  • Manage GoFundMe’s AI governance program, ensuring compliance with emerging AI regulations and responsible AI principles.
  • Partner with technical teams to evaluate AI models for fairness, transparency, and accountability.
  • Stay ahead and keep legal team and AI Governance Committee informed of regulatory changes, including the EU AI Act, U.S. AI regulatory developments, and industry frameworks.
• Data Breach & Incident Management:
  • Lead GoFundMe’s legal response to security incidents and data breaches, collaborating with security, engineering, customer care and communications teams.
  • Ensure compliance with global data breach notification laws, including GDPR, CCPA/CPRA, and other regulatory frameworks.
  • Develop and refine incident response playbooks, including escalation protocols, regulatory reporting, and customer communications.
  • Provide legal guidance on forensic investigations, mitigation strategies, and post-breach assessments to enhance future resilience.
• Contracting & Vendor Support:
  • Support the contracts team by reviewing and negotiating privacy and AI-related provisions in vendor and commercial agreements, including data processing agreements (DPAs) and AI-related terms.
  • Provide guidance on third-party AI tools and vendors, ensuring compliance with GoFundMe’s privacy and AI governance standards.
• Cross-functional Collaboration & Training:
  • Serve as a key legal advisor on privacy and AI risks across the company.
  • Ensure we stay abreast of key regulatory trends in order to guide sound decision-making and support of our compliance strategies. 
  • Provide training and guidance to internal teams on privacy, AI governance, and data protection best practices.
  • Engage with leadership and stakeholders to drive privacy and AI governance awareness and adherence.

You… 

• 12+ years of legal experience, with a strong focus on privacy, data governance, and 1+ years of AI governance.
• Expertise in Global privacy regulations (GDPR, CCPA/CPRA, etc.) and AI laws (EU AI Act, emerging U.S. AI regulations).
• Experience with both B2C and B2B technologies
• Experience supporting product teams on privacy-by-design and data protection matters.
• Strong background in negotiating and advising on privacy and AI-related contractual terms.
• Experience managing and mentoring a team.
• Familiarity with privacy management tools (e.g., Transcend, DataGrail), cookie compliance matters and AI governance frameworks.
• CIPP certification or similar privacy credentials preferred.
• Experience in the tech, marketplace, platform, or financial services industries is a plus.

Why Join Us?

• Lead and shape the privacy and AI governance function at a mission-driven company.
• Work on cutting-edge privacy and AI governance issues in a rapidly evolving space.
• Collaborate with passionate and innovative teams across legal, product, marketing, and engineering.

Why you’ll love it here...

• Market competitive pay.
• Rich healthcare benefits including employer paid premiums for medical/dental/vision (100% for employee-only plans and 85% for employee + dependent plans) and employer HSA contributions. 
• 401(k) retirement plan with company matching.
• Hybrid workplace with fully remote flexibility for many roles.
• Monetary support for new hire setup, hybrid work & wellbeing, family planning, and commuting expenses.
• A variety of mental and wellness programs to support employees.   
• Generous paid parental leave and family planning stipend.
• Company provided life and disability coverages.
• Supportive time off policies including vacation, sick/mental health days, volunteer days, company holidays, and a floating holiday.
• Learning & development and recognition programs.
• “Gives Back” Program where employees can nominate a fundraiser every week for a donation from the company.
• Inclusion, diversity, equity, and belonging are vital to our priorities and we continue to evolve our strategy to ensure DEI is embedded in all processes and programs at GoFundMe. Our Diversity, Equity, and Inclusion team is always finding new ways for our company to uphold and represent the experiences of all of the people in our organization.
• Employee resource groups.
• Your work has a real purpose and will help change lives on a global scale.
• You’ll be a part of a fun, supportive team that works hard and celebrates accomplishments together. 
• We live by our core values: impatient to be great, find a way, earn trust every day, fueled by purpose.
• We are a certified Great Place to Work, are growing fast and have incredible opportunities ahead!

GoFundMe is proud to be an equal opportunity employer that actively pursues candidates of diverse backgrounds and experiences. We are committed to providing diversity, equity, and inclusion training to all employees, and we do not discriminate on the basis of race, color, religion, ethnicity, nationality or national origin, sex, sexual orientation, gender, gender identity or expression, pregnancy status, marital status, age, medical condition, mental or physical disability, or military or veteran status.

The total annual salary for this full-time position is $218,500 - $327,500 + equity + benefits.  Our salary ranges are determined by role, level, and location. Individual pay is determined by work location and additional factors including job-related skills, experience, and relevant education or training. 

If you require a reasonable accommodation to complete a job application or a job interview or to otherwise participate in the hiring process, please contact us at accommodationrequests@gofundme.com. 

Dedication to Diversity 

GoFundMe and Classy are committed to leveraging Diversity, Equity, Inclusion, and Belonging to cultivate a culture that embraces and supports the unique identities, experiences, and perspectives of our people and customers.

Our diversity recruiting priority is recognized under our first DEIB Driver: Opportunity Foster Diversity - we identify, recruit, and invest in top talent- ensure our people reflect the unique identities, experiences, and perspectives of the communities we serve and are all given the chance to grow.

Global Data Privacy Notice for Job Candidates and Applicants:

Depending on your location, the General Data Protection Regulation (GDPR) or certain US privacy laws may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. 

Learn more about GoFundMe:

We’re proud to partner with GoFundMe.org, an independent public charity, to extend the reach and impact of our generous community, while helping drive critical social change. You can learn more about GoFundMe.org’s activities and impact in their FY ‘24 annual report.

Our annual “Year in Help” report reflects our community’s impact in advancing our mission of helping people help each other.

For recent company news and announcements, visit our Newsroom.