Privacy Manager

The role

The Privacy Manager will work closely with business and technology teams across Nebius to identify privacy risks, help create solutions, and collaborate on strategies to enable business success in this rapidly-evolving regulatory environment. The position is part of a collegial Group Privacy Office, which forms part of the Legal team.

Your responsibilities will include: 

• Advise business teams (including marketing, sales, IT, and operations) regarding compliance with privacy, AI, and related laws and work collaboratively with the Group Privacy Office peers to provide advice for projects with both regional and global scope
• Perform vendor and third-party privacy risk assessments, particularly for cloud providers, data center partners, and managed service vendors
• Support cross-border data transfer assessments, including SCCs, TIAs, and adequacy mechanisms
• Provide clear, practical, pragmatic, guidance in a multicultural environment, balancing regulatory expectations with business realities
• Efficiently advise on data protection terms in agreements including license, vendor, SaaS, technology, master services, confidentiality and other agreements
• Support product development by advising on privacy-by-design and privacy-by-default principles, balancing regulatory requirements with business goals and partner/customer expectations
• Draft, update, and maintain internal and external privacy documentation, including DPIA templates, guidance materials, FAQs, and communication assets. Perform privacy impact assessments, responsible AI assessments, and other governance tasks, and contribute to the maintenance of records of processing and the satisfaction of privacy-by-design and privacy-by-default requirements
• Advise sales and marketing teams on compliance implications of various marketing initiatives including online advertising, behavioral advertising, social networking, email, SMS/text, and other consumer-facing communications
• Work closely with Information Security, Data Governance, Risk, and Audit teams to identify and mitigate data protection compliance risks including issue-spotting and advising related to cybersecurity and data incidents
• Support the privacy aspects of data breach and incident response, including regulatory notifications within EU timelines

We expect you to have: 

Professional Qualifications:

• LLM or J.D. degree or equivalent degree with strong academic performance
• at least 6 years of hands-on experience in privacy, data protection, or related compliance roles preferably within a technology-driven and/or international environment.

Required Skills & Experience:

• Strong, demonstrable knowledge of European data protection laws and global privacy regulations (e.g., UK GDPR, Swiss FADP, CCPA)
• Demonstrable expertise on US privacy legislation Experience interpreting regulatory guidance and drafting relevant privacy notices, policies, and procedures
• Hands-on experience with DPIAs, RoPAs, vendor assessments, and data transfer mechanisms
• Experience advising corporate clients regarding compliance matters
• Experience negotiating and drafting contracts
• Ability to work independently, exercise sound judgment, and make decisions within established guidelines and risk frameworks
• Excellent oral and written communication skills
• Strong problem-solving and issue-resolution capabilities
• Ability to work collaboratively with business partners across levels and show leadership on complex, high priority issues
• Ability to translate complex privacy and regulatory concepts into clear, business-friendly language and apply them to a complex technical environment

It will be an added bonus if you have: 

• Ability to engage in technical discussions with IT teams regarding ad tech, data anonymization, and security/access controls related to cloud computing
• Cultural awareness and ability to work effectively in diverse, global teams
• Understanding of cybersecurity laws such as NIS2/DORA/CRA
• High attention to detail and strong organizational skills
• Ability to manage multiple priorities in a fast-paced infrastructure environment
• Hands on attitude