Legal Counsel (Product and Privacy)

About the Job:

👋 I’m Kelly https://www.linkedin.com/in/kelly-fish-52116924/, Senior Legal Counsel at Ashby. I joined Ashby recently as the first dedicated legal hire and am now building out the legal team to support our next phase of growth!

After 12 years building and scaling in-house legal teams, I was drawn to Ashby for its ambition, product vision, and the exceptional talent across the company. Working alongside smart, low-ego, high-ownership operators every day is energizing and inspires you to bring your best ideas forward. The Ashby leadership team is decisive and thoughtful, making intentional choices that balance speed, customer focus, and long-term growth.

Ashby builds AI-powered hiring software used by thousands of companies globally, and we have ambitious plans for product expansion. We’re looking for someone experienced partnering as the key legal advisor to SaaS product teams who is experienced in privacy law and navigating changing regulations, highly pragmatic and commercial, and excited to be the go-to expert on these issues across the company.

This is a hands-on role - you’ll partner deeply with Product and Engineering teams to get ahead of the product roadmap, translating complex legal and regulatory requirements into practical guidance for internal teams, customers and enable the business to move fast. You’ll need to be comfortable diving into the details of the product, understanding data flows, and identifying potential issues without slowing progress down. Your role is to solve problems collaboratively, partner on clear and pragmatic solutions, and build scalable approaches that allow Ashby to innovate with confidence.

You’ll own and refine our data subject access process and partner closely with Ashby’s commercial counsel on privacy and product related questions from prospects and customers. Privacy, data and product counselling will be your core focus but you’ll also contribute to other areas of the business, including items such as advising on global expansion, IP, security incidents, corporate governance, employment, and legal operations, and helping shape the foundations of Ashby’s growing legal function.

You will be at the heart of product and privacy decisions, working closely with Product, Engineering, Security, and Customer Success. If you thrive in a high-growth, fast-paced environment, enjoy building strong cross-functional relationships, and are motivated by the opportunity to shape a best-in-class legal function while directly enabling responsible product innovation and business success, this role is for you.

Responsibilities

• Partner with Ashby’s Product Team and individual Product Managers to provide proactive legal advice on new products and features, particularly those involving AI and candidate data, addressing areas such as privacy, PII handling, transparency, bias mitigation, and anti-discrimination/equal opportunity.

• Own privacy compliance, including global DPA playbooks, privacy policy updates, and working with our DSAR team to streamline responses to data subject requests.

• Respond to customer security and compliance questionnaires, and develop scalable processes to handle volume.

• Contribute to the creation of customer-facing compliance documentation, FAQs, and GTM materials in partnership with product, security and marketing.

• Partner closely with the Ashby Security team to respond to any security incidents, including drafting relevant security related communications.

• Provide proactive advice by staying up to date on relevant industry regulations and developments, particularly in the regulation of the use of AI in the hiring process across our key regions and privacy law developments e.g., GDPR, EU AI Act, and U.S. federal and state AI/privacy laws.

• Advise on data practices, data retention, and cross-border data transfers.

• Support vendor due diligence and negotiations on privacy and compliance terms.

• Work on a wide range of legal matters as they arise or are proactively identified, including IP, employment, global expansion and fundraising.

• Help shape the legal function’s operations and structure as Ashby continues to grow, including identifying opportunities for innovation through technology.

Qualifications

• JD from an accredited law school and active license to practice law in the US (or equivalent qualification in relevant jurisdiction)

• 6-8 years of legal experience with significant focus on product counselling, privacy, and data protection.

• In-house experience at a fast growing technology company with demonstrated experience in closely supporting internal product teams; pure law firm backgrounds are likely not a fit for this role.

• Exposure to AI, SaaS, or high-growth technology product environments, including working closely with Product, Engineering, and Security teams.

• Strong technical curiosity and ability to understand product architecture and features, SaaS platforms, and data flows, enabling practical and actionable legal guidance.

• Commercial mindset - you understand that legal enables product velocity, not the reverse

• Excellent written and verbal communication; able to translate complex regulatory requirements into clear guidance and actionable recommendations.

Bonus:

• Experience building or scaling a privacy or product legal function.

• Privacy certifications such as CIPP (US, EU, or APAC), CIPM, or CIPT demonstrating expertise in privacy law or technical/privacy considerations.

• Experience using legislative and regulatory tracking platforms (e.g., FiscalNote, LexisNexis State Net, Quorum, or similar) to monitor emerging legislation affecting product development and compliance.

You should apply if:

• You're pragmatic, commercial and are excited to contribute to growth. You fundamentally view the role of an in-house legal team as a key contributor and cross-functional partner to fuel Ashby’s significant growth, rather than as a gatekeeper. You give advice that enables the business to move fast while managing risk appropriately.

• You see the regulatory environment as an opportunity to shape how a company builds products responsibly, not a compliance burden.

• You are skilled at building cross-functional relationships. This role will require you to work with many different Ashby teams including product, engineering, security and with some of our 3,700+ customers. Establishing strong relationships, particularly with product team members is crucial to the success of this role.

• You are proactive, solutions-oriented, and can ruthlessly prioritize. You provide highly commercial and clear legal advice that clearly considers relevant business context and you have strong operational follow-through.

• You are detail-oriented and want to be the expert. You’ll be the go-to person on product and privacy matters at Ashby. Understanding the specifics of our products and business and applying relevant legal advice are critical in this role.

• You’re comfortable evaluating complex situations, sometimes with incomplete or imperfect information, and adapting guidance as new details emerge to recommend practical, actionable next steps aligned with product and business goals.

• You want ownership. This isn't a role where you'll be handed a playbook. You'll build the compliance program, define the processes, and own the outcomes.

Why you shouldn’t apply:

• You prefer deep specialization in a single area (e.g., pure privacy) without broader product counseling responsibilities.

• Your preference is for academic legal and advisory work. We are looking for a lawyer who is primarily focused on driving growth at Ashby, tailors advice and recommendations to our business context and is highly practical.

• You're most comfortable in environments with established compliance programs and clear regulatory guidance.

• You have only law firm experience. We need someone who understands the pace and trade-offs of in-house w