Senior Privacy Attorney Jobs (NOW HIRING)

About Lyra Health
Lyra Health is a leading provider of evidence-based mental health care, serving more than 20 million people globally in partnership with employers and more than 100 million through health plan and partner relationships. The company has delivered more than 15 million sessions of mental health care, published more than 35 peer-reviewed studies, and delivered unmatched outcomes in terms of access, clinical effectiveness, and cost efficiency. Extensive peer-reviewed research confirms Lyra's transformative care model helps people recover twice as fast and results in a 26% annual reduction in overall healthcare claims costs. Lyra is transforming access to life-changing mental health care through Lyra Empower, the only fully integrated, AI-powered platform combining the highest-quality care and technology solutions.
About the Role
You will be a critical member of Lyra's growing legal team, within its US Privacy division, supporting internal stakeholders in fulfilling Lyra's mission to bring mental and emotional health solutions to large employers across the country and around the world.
This is a full-time remote role and will report to Lyra's Sr. Director, Associate General Counsel - Global Privacy, and work closely in the US with the Privacy Counsel, US, the Sr. Privacy Manager, and the Senior Privacy Paralegal. The role will also involve working with the Privacy Counsel, International and the Data Protection Specialist, who are both based in the UK.
You will be expected to work independently in managing questions around a broad scope of privacy issues, conducting legal research, counseling internal stakeholders to resolve privacy questions, and leading projects to support the growth of both Lyra's privacy program and AI governance.
A significant portion of this role will be dedicated to AI-related work, including completing reviews of AI use cases (for example, relating to generative AI and agentic AI), and advising on AI-powered products, services, and tools.
The ideal candidate will be a passionate privacy attorney with a proactive nature, and an enthusiasm for new technologies, such as AI, and their governance, and someone who is searching for a collaborative environment brimming with novel questions.
The privacy division of Lyra's legal team plays an essential role at the company, responding to and managing complex privacy and AI questions and establishing a framework to support legal and programmatic privacy and AI initiatives. Experienced candidates are welcome to join our dynamic and passionate team.
Responsibilities

• Support Lyra's privacy program and advise internal stakeholders on privacy concerns related to Lyra's products and services, and the implementation of new technologies, such as AI.
>
• As a core component of the role, participate extensively in AI use case reviews, including those involving generative AI and agentic AI for internal use at Lyra, and in legal reviews and assessments relating to the development by Lyra of AI-powered products, services, and tools. Drive the AI use case review process forward to meet established SLAs, ensuring the business remains agile.
>
• Draft, maintain, and evolve AI governance documentation, including the Company's Responsible AI Policy and related standards, procedures, and guidance.
>
• Coordinate with internal teams to ensure corporate adherence to applicable state and federal privacy laws, including, but not limited to, CCPA and HIPAA.
>
• Stay abreast of, analyze, and advise on evolving US laws and regulations relating to privacy and AI at both the state and federal level. Update the legal team and the business on relevant new regulatory requirements and feed into policy and procedural documentation.
>
• Support international AI regulatory compliance by partnering with the Privacy Counsel, International on the EU AI Act and other global AI regulations, including leading horizon scanning efforts and proactively delivering insights and updates to the legal team and broader Lyra business.
>
• Collaborate with commercial counsel to ensure that privacy provisions in commercial agreements and Business Associate Agreements (BAAs) appropriately manage risk and comply with privacy policies, laws, rules, regulations, and company objectives.
>
• Review BAAs negotiated by commercial counsel and document data use permissions for new and existing customers.
>
• Work cross-functionally to advise product and business teams on potential privacy and AI regulatory implications of Lyra's new and existing product lines, including reviewing and approving product requirement documents (PRDs).
>
• Investigate, manage, document and report privacy incidents, including breaches, in accordance with applicable law, contractual requirements and corporate strategy.
>
• Participate in cross-functional teams working on AI governance and AI use case reviews.
>
• Other duties as assigned.
>

Qualifications

• Law degree from top-tier law school and membership in a state bar with good standing.
>
• A minimum of 3 to 5 years legal experience in-house or at a law firm.
>
• Experience analyzing and advising on health care privacy laws on the state and federal level; implementation of CCPA or GDPR programs a plus, as is experience advising on AI regulation and governance.
>
• Excellent problem-solving capabilities, judgment, communication (written and verbal), and interpersonal skills.
>
• Experience leading projects, including collecting, distilling and summarizing issues from relevant stakeholders and moving projects forward.
>
• Experience in solving product legal matters, including communicating and collaborating effectively with stakeholders with a wide range of legal and technical experience and knowledge.
>
• Ability to balance technical AI legal advice with operational process management.
>
• Experience working in-house with a technology company and/or health care organization strongly preferred.
>
• Ability to thrive in a high-performance culture, with strong prioritization skills, and the ability to manage multiple competing demands effectively.
>

Preferred qualifications, experience and attributes

• Strong background in Data Privacy coupled with significant, hands-on AI experience.
>
• AI-related professional certification (e.g., IAPP Artificial Intelligence Governance Professional (AIGP)) or equivalent professional study relating to AI.
>
• Privacy-related professional certification (e.g., IAPP CIPP/US).
>
• Experience of new US state AI regulation, for example:
  
  • California
  >
  • Colorado
  >
  • Texas
  >
  • Illinois
  >
  • New York (including NYC)
  >
  • Utah.
  >
• Ability to think quickly on your feet, convey grace under pressure, and manage shifting priorities.
>
• Ability to operate autonomously, yet collaboratively, apply good judgment as to when to escalate issues to senior members of the team,
>
• Bring a positive attitude to the workplace.
>
• Sense of humor.
>

$134,000 - $184,000 a year
As a full-time Privacy & AI Counsel, you will be employed by Lyra Health, Inc. The anticipated annual base salary range for this full-time position is $134,000 to $184,000. The base range is determined by role and level, and placement within the range will depend on a number of job-related factors, including but not limited to your skills, qualifications, experience and location. This role may also be eligible for discretionary bonuses.
Annual salary is only one part of an employee's total compensation package at Lyra. We also offer generous benefits that include:
-Comprehensive healthcare coverage (including medical, dental, vision, FSA/HSA, life and disability insurances)
-Lyra for Lyrians; coaching and therapy services
-Equity in the company through discretionary restricted stock units
-Competitive time off with pay policies including vacation, sick days, and company holidays
-Paid parental leave
-401K retirement benefits
-Monthly tech allowance
-We like to spread joy throughout the year with well-being perks and activities, surprise swag, regular community celebration...and more!
We can't wait to meet you.
"We are an Equal Opportunity Employer. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information or any other category protected by law.
By applying for this position, you acknowledge that your personal information will be processed as per the Lyra Health Workforce Privacy Notice. Through this application, to the extent permitted by law, we will collect personal information from you including, but not limited to, your name, email address, gender identity, employment information, and phone number for the purposes of recruiting and assessing suitability, aptitude, skills, qualifications, and interests for employment with Lyra. We may also collect information about your race, ethnicity, and sexual orientation, which is considered sensitive personal information under the California Privacy Rights Act (CPRA) and special category data under the UK and EU GDPR. Providing this information is optional and completely voluntary, and if you provide it you consent to Lyra processing it for the purposes as described at the point of collection, for example for diversity and inclusion initiatives. If you are a California resident and would like to limit how we use this information, please use the Limit the Use of My Sensitive Personal Information form. This information will only be retained for as long as needed to fulfill the purposes for which it was collected, as described above. Please note that Lyra does not "sell" or "share" personal information as defined by the CPRA. Outside of the United States, for example in the EU, Switzerland and the UK, you may have the right to request access to, or a copy of, your personal information, including in a portable format; request that we delete your information from our systems; object to or restrict processing of your information; or correct inaccurate or outdated personal information in our systems. These rights may be subject to legal limitations. To exercise your data privacy rights outside of the United States, please contact [email protected]. For more information about how we use and retain your information, please see our Workforce Privacy Notice."
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, summarizing interviews, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.