We’ve signed up to an ambitious journey. Join us!

As Arrive, we guide customers and communities towards brighter futures and more livable cities, it isn’t a challenge just anyone could take on. Luckily, we have something to help us make it happen. Our people and our values. We Arrive Curious, Focused and Together. Just as our entire brand is inspired by the North Star, the shining light leading travelers to their destinations since time began, our values guide us. They help us be at our best. For our customers. For the cities and communities we serve. For ourselves. As a global team, we are transforming urban mobility. Let’s grow better, together.

The Role

We are looking for a senior attorney with extensive experience in global data privacy, cybersecurity, commercial deals in the technology space, and regulatory matters to join our U.S. office within our global legal department as the Global Data Privacy Counsel and U.S. and Canada Privacy Officer. You will advise the business on complex privacy, data protection, cybersecurity, and emerging technology issues and play a leading role in designing, leading, and continuously improving our global data privacy program.

You will report to our US-based Deputy General Counsel and collaborate closely with a wide range of business leaders and stakeholders worldwide.

This is a hybrid role based in Atlanta, requiring regular engagement with global colleagues.

What You'll Do

Strategic Legal Counsel & Business Partnership

Serve as a trusted strategic legal advisor to executive leadership, business unit and function heads, and the governance committees on global privacy, data protection, and cybersecurity risks, as well as opportunities aligned with rapid business growth and innovation.

Design, lead, and continuously evolve the global privacy and data protection program, ensuring it not only meets regulatory requirements but also supports scalable growth and competitive advantage in a fast-paced, high-growth environment.

Partner closely with product, technology, payments, data, software and hardware sales, marketing, and strategy teams to embed privacy-by-design and data governance principles into all data-driven and payment-related initiatives.

Advise on privacy, data protection, cross-border data processing, and emerging technologies (AI and machine learning), in connection with parking, public transport and other urban mobility technologies and data services (B2B, B2C), to help the company navigate these complex regulatory environments while accelerating innovation.

Balance risk management with enabling agility—help business units achieve their ambitious growth objectives without compromising compliance or customer trust.

Data Privacy Counsel & Leadership

Lead and manage a global, unified privacy and data protection team, including the EU Data Protection Officer and EU Privacy Program Manager, and serve as the global privacy and data protection leader responsible for harmonizing privacy and data protection practices across all regions.

Act as the company’s U.S. and Canada Privacy Officer, overseeing all U.S.-specific and Canada-specific aspects of the global privacy and data protection program.

Own enterprise-wide development, implementation, and continuous improvement of privacy and data protection policies, standards, and frameworks aligned with relevant global privacy and data protection-related regulations.

Develop and maintain a privacy and data protection risk management framework and a dashboard of key privacy metrics to inform leadership decisionmaking and monitor program effectiveness in a high-growth environment.

Lead privacy and data protection audits and program assessments to ensure compliance and identify areas for improvement aligned with rapid company growth.

Identify, assess, and manage emerging risks related to data privacy and data governance, providing timely reports and actionable insights to governance committees and senior leadership.

Promote privacy-by-design methodologies in partnership with technology and product teams.

Drive global privacy and data protection training and awareness programs, cultivating a culture of accountability and privacy-mindedness across diverse teams and geographies.

Lead interactions with external counsel, auditors, and regulators to anticipate, influence, and respond to evolving privacy, data protection and cybersecurity regulations and issues.

Facilitate and review privacy and data protection impact assessments (PIAs/DPIAs) for new products and strategic data-driven initiatives.

Oversee compliance with cross-border data transfer, localization, and data sovereignty requirements, particularly in the context of large-scale data processing.

Provide expert legal counsel and strategic advice on privacy and data protection-related provisions in commercial agreements (sales, third-party, etc.)—actively enabling and accelerating deals and sales while ensuring privacy and compliance are embedded in all business dealings, especially those with cross-border implications.

AI, Emerging Tech & Data Governance

Provide expert counsel on legal and ethical considerations related to AI, machine learning, and other emerging technologies, ensuring compliance with evolving AI governance frameworks and data ethics standards.

Lead privacy risk assessments and governance frameworks for AI/ML projects to promote responsible and transparent AI.

Support innovation while ensuring that AI-driven products and services meet high standards of privacy, security, and regulatory compliance.

Incident Management

Lead and coordinate enterprise privacy incident response in collaboration with Information Security and senior leadership, minimizing legal risks and ensuring effective communication with internal and external stakeholders during an incident.

Advise on proactive incident response plans to ensure efficiencies and collaboration across stakeholders while managing legal risk

What You Will Bring:

Juris Doctor degree from a reputable, accredited U.S. law school.

Active license in good standing with one or more U.S. state bars (Georgia preferred).

10+ years of progressive experience in data privacy and cybersecurity legal matters, with significant in-house experience at a high-growth, technology-driven company.

Deep expertise and knowledge of and hands-on experience with U.S. and international data privacy, cybersecurity, and compliance laws and frameworks (including GDPR, CCPA/CPRA, PCI-DSS, ISO certifications, and other relevant global standards) and leading-edge AI regulations and frameworks.

Demonstrated success in providing strategic legal counsel that balances risk management with enabling innovation and business growth, particularly in payments and data-driven initiatives.

Proven experience leading global privacy and data protection programs, including managing privacy and data protection risk frameworks and governance.

Experience managing external counsel, auditors, and regulators.

Proven ability to lead, develop, and inspire diverse, global teams, including direct leadership experience with Data Protection Officers and other privacy professionals.

Strong business acumen with the ability to translate complex legal concepts into clear, actionable advice that aligns with business objectives and supports deal-making and sales acceleration.

Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels, including senior executives and cross-functional teams globally.

Proficiency in using Governance, Risk, and Compliance (GRC) systems to manage privacy programs is a plus.

A collaborative, flexible, and pragmatic mindset, eager to work across cultures and geographies in a fast-paced, high-growth environment.

Written and verbal fluency in English required; additional language skills are a valuable asset.

We know there’s no such thing as a “perfect" candidate. We’re all a work in progress and are growing new skills and capabilities all the time. Arrive welcomes those who are passionate about learning and evolving. If this looks like a role where you could do work that excites you, we hope you’ll apply.

About us

Arrive, including brands like EasyPark, Flowbird, RingGo, ParkMobile and Parkopedia, is a leading global mobility platform. Present in over 90 countries and 20,000 cities, the company helps people and decision-makers make smarter decisions about urban mobility and ease the experience of travel worldwide. Arrive delivers a unique combination of the core ingredients to make cities more livable: from smart payments and optimized car parks to data-driven traffic reduction and support for reinvestment in public transport and green space. It’s about more than function, it’s about saving time and simplifying the experience of travel for everyone. Travel is more than a journey, it’s how you Arrive.