What you’ll do..

    • Support legal and business teams on privacy, data protection and spam marketing related matters.
    • Work with product, technology and data services teams – including security, data governance and product compliance/regulatory – on existing and new data use cases and product features to ensure compliance with Xero’s approach to responsible data use, including working through data protection impact assessments (DPIAs) where appropriate.
    • Take ownership over privacy and data protection projects and drive cross-functional engagement.
    • Support data incident management.
    • With the Global Privacy Counsel, take ownership of Xero’s response to enquiries from data protection regulators.
    • Work closely with Customer Experience to ensure compliance with data subjects rights obligations.
    • Help evaluate the impact of evolving legislative and regulatory environments for data protection on Xero’s various business units.
    • Collaborate with key internal stakeholders to champion data protection and compliance across the business while continuing to enable commercial opportunities in a fast-paced environment, including through the development and delivery of training and the promotion of awareness.
    • Work with the compliance team and business leaders to support implementation of compliance procedures that will ensure Xero continues to optimise data sets for enhanced customer benefit
    • Review and advise on data processing addenda and data protection/privacy related clauses in intra-group agreements and contracts with third parties.
    • Coach and mentor junior members of the legal team.
    • Support data protection related matters as part of M&A activity.
    • Contribute to internal data protection policy and process development (including training)Liaise with and manage Xero’s external legal advisors as required

Criticial Competencies

    • Strong drafting, analytical, and interpretation skills.
    • Strong commercial acumen and a pragmatic approach.
    • Practical and proactive problem solving skills.
    • Excellent written and verbal communication skills.
    • High level of attention to detail.
    • Ability to work autonomously.
    • Ability to take a proactive and creative approach to solving legal issues.
    • Collaborative, growth and innovation mindset.
    • Ability to convey complex legal matters in a digestible, plain-english format


    • 6+ years post-qualification legal, privacy and data protection experience (in-house legal experience desirable).
    • Detailed knowledge and experience of privacy laws and data protection frameworks, including the existing EU General Data Protection Regulation
    • Law degree (strong academic results)
    • Current practising certificate.
    • Experience providing advice to companies in the technology sector preferred.
    • Experience with fintech or financial services a plus
Job Overview
Job alerts

Subscribe to our weekly job alerts below and never miss the latest jobs

Sign in

Sign Up

Forgotten Password