Degreed

Privacy Specialist | BR

Brazil Based | RemoteFull-TimeMid-levelOther

Skills

Security

You will be redirected to the company career page

Intro

Degreed is the upskilling platform that fuels growth and innovation through lifelong learning. We bring together everything you need to learn and advance: LMSs, courses, videos, articles, projects, and real-world skill insights, matching you with opportunities that align with your skills, role, and goals.
For businesses, Degreed helps build a culture of learning that attracts, develops, and retains top talent, driving both individual and company success.
We believe learning is the key to unlocking opportunities. Our mission is to discover, empower, and celebrate the next generation of global expertise.
Join us in shaping the future of learning and workforce development!

We are seeking a Privacy & AI Compliance Specialist to join Degreed’s international Privacy team. Reporting to the Head of Privacy, this role plays a critical part in ensuring Degreed’s global compliance with evolving data protection and AI regulatory frameworks while enabling innovation across our SaaS platform.

This position sits at the intersection of privacy, AI governance, product innovation, and client trust. You will advise cross-functional stakeholders and external clients on privacy and AI risk management, regulatory obligations, and practical compliance strategies. The ideal candidate brings a pragmatic, business-first mindset—translating regulatory complexity into scalable, cost-effective solutions that support responsible growth.
This role will also act as Degreed’s Data Protection Officer (DPO) in Brazil.

Key Skills

Deep knowledge of global privacy regulations (LGPD, GDPR, CPRA, and related frameworks)
Working knowledge of emerging AI regulations (e.g., EU AI Act, Colorado AI Act)
Experience advising SaaS or technology organizations in a multinational environment
Strong contract review and negotiation skills (DPAs, AI addendums, data processing terms)
Ability to translate legal/regulatory requirements into operational and product guidance
Cross-functional stakeholder management (Product, IT Security, Marketing, Data Science)
Risk assessment and mitigation planning
Experience managing regulatory inquiries and data subject rights requests
Strong written and verbal communication skills in English and Portuguese (Spanish a plus)
Pragmatic, solutions-oriented mindset with strong business acumen
Deep knowledge of global privacy regulations (LGPD, GDPR, CPRA, and related frameworks)
Working knowledge of emerging AI regulations (e.g., EU AI Act, Colorado AI Act)
Experience advising SaaS or technology organizations in a multinational environment
Strong contract review and negotiation skills (DPAs, AI addendums, data processing terms)
Ability to translate legal/regulatory requirements into operational and product guidance
Cross-functional stakeholder management (Product, IT Security, Marketing, Data Science)
Risk assessment and mitigation planning
Experience managing regulatory inquiries and data subject rights requests
Strong written and verbal communication skills in English and Portuguese (Spanish a plus)
Pragmatic, solutions-oriented mindset with strong business acumen

Key Responsibilities

Inform and advise the business on existing and emerging privacy regulations applicable to Degreed globally, including LGPD, GDPR, CPRA, and related frameworks.
Monitor and advise on AI-related regulatory developments, including the EU AI Act, Colorado AI Act, and other evolving AI governance frameworks.
Provide actionable, business-oriented guidance to cross-functional teams (IT Security, Marketing, Product, Data Science) to ensure compliant product development and data processing practices.
Review, draft, and negotiate privacy and AI-related contractual provisions, including DPAs and AI addendums.
Maintain and oversee Records of Processing Activities (RoPA).
Manage data subject requests, regulatory inquiries, and communications with supervisory authorities.
Track and report on Degreed’s legal and contractual compliance obligations.
Design and deliver internal training programs to employees involved in personal data processing or AI development.
Serve as Degreed’s DPO in Brazil.
Support additional privacy and AI governance initiatives as the regulatory landscape evolves.
Inform and advise the business on existing and emerging privacy regulations applicable to Degreed globally, including LGPD, GDPR, CPRA, and related frameworks.
Monitor and advise on AI-related regulatory developments, including the EU AI Act, Colorado AI Act, and other evolving AI governance frameworks.
Provide actionable, business-oriented guidance to cross-functional teams (IT Security, Marketing, Product, Data Science) to ensure compliant product development and data processing practices.
Review, draft, and negotiate privacy and AI-related contractual provisions, including DPAs and AI addendums.
Maintain and oversee Records of Processing Activities (RoPA).
Manage data subject requests, regulatory inquiries, and communications with supervisory authorities.
Track and report on Degreed’s legal and contractual compliance obligations.
Design and deliver internal training programs to employees involved in personal data processing or AI development.
Serve as Degreed’s DPO in Brazil.
Support additional privacy and AI governance initiatives as the regulatory landscape evolves.

Requirements

Proven experience in a privacy or data protection role within a multinational organization, ideally in a SaaS or technology company.
Demonstrated experience advising on global data protection frameworks (LGPD, GDPR, CPRA).
Familiarity with AI governance and regulatory compliance frameworks.
Law degree preferred but not required.
Fluency in English and Portuguese (required); Spanish is a plus.
Strong organizational, analytical, and interpersonal skills.
Solid understanding of SaaS architecture and data lifecycle management.
Relevant privacy or AI certifications (e.g., IAPP CIPP/E, CIPM, AIGP) are advantageous.
Proven experience in a privacy or data protection role within a multinational organization, ideally in a SaaS or technology company.
Demonstrated experience advising on global data protection frameworks (LGPD, GDPR, CPRA).
Familiarity with AI governance and regulatory compliance frameworks.
Law degree preferred but not required.
Fluency in English and Portuguese (required); Spanish is a plus.
Strong organizational, analytical, and interpersonal skills.
Solid understanding of SaaS architecture and data lifecycle management.
Relevant privacy or AI certifications (e.g., IAPP CIPP/E, CIPM, AIGP) are advantageous.