About Ramp

Ramp is building the smart infrastructure for finance teams, embedded in the transaction flow of every dollar a business spends. We automate how over $100B in annualized spend flows in and out of 50,000+ companies: authorizing payments, flagging risk, categorizing spend, and closing books.

The problems are high-stakes, data-dense, and unforgiving.

We hire people with high agency and high urgency. We look for slope over intercept. We care less about where you trained and more about what you’ve built. At Ramp, everyone is a builder who owns problems end to end and makes consequential decisions that shape the outcome.

The median Ramp customer saves 5% and grows revenue 16% in their first year – far in excess of businesses operating without Ramp. We believe every ambitious company deserves the same.

If you want to build systems that directly shape how companies move and manage billions, Ramp is the place to do it.

About the Role

As Ramp’s Privacy & AI Counsel, you’ll serve as a key legal advisor on data privacy, cybersecurity, data governance, and AI matters—helping Ramp navigate a rapidly evolving regulatory landscape while enabling our product and engineering teams to build and ship at responsibly, at high velocity, and at scale. You’ll report to our Senior Privacy Counsel.

This is a high-impact role at the intersection of law, technology, and trust. You’ll work cross-functionally with Engineering, Product, Security, and Compliance to embed privacy and security-by-design principles into everything we build. As Ramp continues to expand its AI capabilities and global footprint, you’ll play a central role in shaping strategy, frameworks, policies, and practices at Ramp.

What You’ll Do

• Privacy & AI Governance: Advise on global privacy and AI laws (e.g. CCPA, other state privacy and marketing laws, GDPR, EU AI Act, and PIPEDA) and other international laws and frameworks), including data mapping, data subject requests (DSRs), and privacy impact assessments

• Privacy Compliance Automation: Manage and help automate privacy program work, such as data mapping, data subject requests (DSRs), and privacy impact assessments

• Product Counseling: Partner with Product and Engineering teams to advise on and help ship new features and products

• Incident Management and Business Continuity: Collaborate with Information Security, Engineering, and other stakeholders to support incident management and business continuity work, including improving and maintaining policies and plans, conducting training and tabletop exercises, and helping manage the response and recovery in the event of a security incident or other business continuity event

• Commercial Support: Draft, review, and assist with negotiation of data processing agreements (DPAs), and data, AI, and information security provisions in customer, vendor, and partner contracts

• Regulatory Monitoring: Proactively track and analyze developments in privacy, cybersecurity, AI, and data governance regulation at the federal, state, and international levels, and translate those developments into actionable business advice

• Training: Create and deliver privacy, AI, and information security training to internal stakeholders to build awareness and increase business partner enablement

What You’ll Need

• J.D. from an ABA-accredited law school and active membership in good standing in at least one U.S. state bar (ability to register as in-house counsel in New York preferred)

• 4–7 years of experience in data privacy, cybersecurity, or AI law, with a combination of law firm and in-house experience preferred

• Deep familiarity with U.S. privacy and data security frameworks (e.g. CCPA/CPRA, CAN-SPAM, TCPA, 23 NYCRR Part 500, and state breach notification statutes) and working knowledge of international regimes (e.g. GDPR, PIPEDA, and LGPD)

• Demonstrated experience advising on AI governance, including AI risk assessments, model governance, and emerging AI regulatory frameworks (EU AI