Remotehey

CandidatePost jobSignin

Work anywhere, Live anywhere

Legal.io - remotehey
Legal.io

Paralegal, Privacy

united states / Posted
APPLY

A publicly traded cybersecurity company is seeking a Privacy Paralegal to support it's US team on a contract basis.


This is a fully remote, full-time role (40 hours per week) with an anticipated 6-month duration.


Start: April 2026

Duration: 6 months

Hours: Full-time (40 per week)

Location: US - REMOTE

Rate: $50 - 60/hour


Responsibilities


Review, assess, and respond to privacy questionnaires and vendor due diligence requests to ensure compliance with applicable U.S. privacy laws and internal privacy standards.

Manage the intake, tracking, and fulfillment of Data Subject Access Requests (DSARs), including coordination with internal stakeholders to ensure timely, accurate, and defensible responses.


Negotiate and review basic to moderately complex Data Processing Agreements (DPAs) and related privacy provisions, ensuring consistency with company-approved playbooks, standards, and risk tolerance.


What You’ll Do


  • Serve as a primary administrator for the OneTrust platform, including:
  • DSAR workflow configuration and optimization
  • Vendor risk and privacy assessment management
  • Records of Processing Activities (RoPA) maintenance
  • Privacy notices, consent, and cookie compliance modules (as applicable)
  • Maintain and improve privacy operations processes, playbooks, and documentation to support scalability and audit readiness.
  • Monitor and help operationalize changes to U.S. state privacy laws and applicable international privacy requirements.


What We’re Looking For


  • 4+ years of experience in privacy operations, privacy law, or paralegal support, preferably in an in-house or legal operations environment.
  • Advanced, hands-on experience administering OneTrust (required), including DSARs and vendor/privacy assessments.
  • Strong working knowledge of U.S. privacy laws, including CCPA/CPRA, VCDPA, CPA, CTDPA, and general understanding of GDPR and international data protection principles.
  • Demonstrated experience managing DSAR workflows and negotiating DPAs or privacy contract addenda.
  • High attention to detail with strong analytical and issue-spotting skills.
  • Excellent written and verbal communication skills, with the ability to translate legal requirements into operational actions.
  • Proven ability to work independently, manage competing priorities, and operate effectively in a remote environment.


-----


Legal.io is committed to the principle of equal opportunity. All employment decisions are made without regard to race, color, gender, gender identity, gender expression, sexual orientation, religion (including religious dress and grooming practices), creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), marital status, age, national origin, ancestry, physical or mental disability, medical condition (including cancer and genetic characteristics), genetic information, military and veteran status or any other basis protected by the laws or regulations in the locations where we operate.