[Hiring] Privacy and AI Counsel @Lyra Health

Role Description

You will be a critical member of Lyra’s growing legal team, within its US Privacy division, supporting internal stakeholders in fulfilling Lyra’s mission to bring mental and emotional health solutions to large employers across the country and around the world.

This is a full-time remote role and will report to Lyra’s Sr. Director, Associate General Counsel - Global Privacy, and work closely in the US with the Privacy Counsel, US, the Sr. Privacy Manager, and the Senior Privacy Paralegal. The role will also involve working with the Privacy Counsel, International and the Data Protection Specialist, who are both based in the UK.

You will be expected to work independently in managing questions around a broad scope of privacy issues, conducting legal research, counseling internal stakeholders to resolve privacy questions, and leading projects to support the growth of both Lyra’s privacy program and AI governance.

A significant portion of this role will be dedicated to AI-related work, including completing reviews of AI use cases (for example, relating to generative AI and agentic AI), and advising on AI-powered products, services, and tools.

The ideal candidate will be a passionate privacy attorney with a proactive nature, and an enthusiasm for new technologies, such as AI, and their governance, and someone who is searching for a collaborative environment brimming with novel questions.

The privacy division of Lyra’s legal team plays an essential role at the company, responding to and managing complex privacy and AI questions and establishing a framework to support legal and programmatic privacy and AI initiatives. Experienced candidates are welcome to join our dynamic and passionate team.

Responsibilities

• Support Lyra’s privacy program and advise internal stakeholders on privacy concerns related to Lyra’s products and services, and the implementation of new technologies, such as AI.
• Participate extensively in AI use case reviews, including those involving generative AI and agentic AI for internal use at Lyra, and in legal reviews and assessments relating to the development by Lyra of AI-powered products, services, and tools.
• Drive the AI use case review process forward to meet established SLAs, ensuring the business remains agile.
• Draft, maintain, and evolve AI governance documentation, including the Company’s Responsible AI Policy and related standards, procedures, and guidance.
• Coordinate with internal teams to ensure corporate adherence to applicable state and federal privacy laws, including, but not limited to, CCPA and HIPAA.
• Stay abreast of, analyze, and advise on evolving US laws and regulations relating to privacy and AI at both the state and federal level.
• Update the legal team and the business on relevant new regulatory requirements and feed into policy and procedural documentation.
• Support international AI regulatory compliance by partnering with the Privacy Counsel, International on the EU AI Act and other global AI regulations.
• Collaborate with commercial counsel to ensure that privacy provisions in commercial agreements and Business Associate Agreements (BAAs) appropriately manage risk and comply with privacy policies, laws, rules, regulations, and company objectives.
• Review BAAs negotiated by commercial counsel and document data use permissions for new and existing customers.
• Work cross-functionally to advise product and business teams on potential privacy and AI regulatory implications of Lyra’s new and existing product lines.
• Investigate, manage, document and report privacy incidents, including breaches, in accordance with applicable law, contractual requirements and corporate strategy.
• Participate in cross-functional teams working on AI governance and AI use case reviews.
• Other duties as assigned.

Qualifications

• Law degree from top-tier law school and membership in a state bar with good standing.
• A minimum of 3 to 5 years legal experience in-house or at a law firm.
• Experience analyzing and advising on health care privacy laws on the state and federal level; implementation of CCPA or GDPR programs a plus, as is experience advising on AI regulation and governance.
• Excellent problem-solving capabilities, judgment, communication (written and verbal), and interpersonal skills.
• Experience leading projects, including collecting, distilling and summarizing issues from relevant stakeholders and moving projects forward.
• Experience in solving product legal matters, including communicating and collaborating effectively with stakeholders with a wide range of legal and technical experience and knowledge.
• Ability to balance technical AI legal advice with operational process management.
• Experience working in-house with a technology company and/or health care organization strongly preferred.
• Ability to thrive in a high-performance culture, with strong prioritization skills, and the ability to manage multiple competing demands effectively.

Preferred qualifications, experience and attributes

• Strong background in Data Privacy coupled with significant, hands-on AI experience.
• AI-related professional certification (e.g., IAPP Artificial Intelligence Governance Professional (AIGP)) or equivalent professional study relating to AI.
• Privacy-related professional certification (e.g., IAPP CIPP/US).
• Experience of new US state AI regulation, for example: California, Colorado, Texas, Illinois, New York (including NYC), Utah.
• Ability to think quickly on your feet, convey grace under pressure, and manage shifting priorities.
• Ability to operate autonomously, yet collaboratively, apply good judgment as to when to escalate issues to senior members of the team.
• Bring a positive attitude to the workplace.
• Sense of humor.

Benefits

• Comprehensive healthcare coverage (including medical, dental, vision, FSA/HSA, life and disability insurances)
• Lyra for Lyrians; coaching and therapy services
• Equity in the company through discretionary restricted stock units
• Competitive time off with pay policies including vacation, sick days, and company holidays
• Paid parental leave
• 401K retirement benefits
• Monthly tech allowance
• Well-being perks and activities, surprise swag, regular community celebration…and more!