Senior Program Manager: Privacy & AI

At Docker, we make app development easier so developers can focus on what matters. Our remote-first team spans the globe, united by a passion for innovation and great developer experiences. With over 20 million monthly users and 20 billion image pulls, Docker is the #1 tool for building, sharing, and running apps—trusted by startups and Fortune 100s alike. We’re growing fast and just getting started. Come join us for a whale of a ride!

Docker is hiring a Senior Program Manager: Data Privacy and AI.

This role reports directly to our VP and Head of Legal.

Role Summary:

This is a hands-on role for someone who has demonstrated experience building and running privacy programs inside a technology company, and understands how modern SaaS and AI products process and utilize data.

You will be the go-to Dockhand for data privacy and AI compliance across the company.

In this role you’ll work closely with Engineering, Product, Security, Sales, Compliance, IT, and Legal to ensure our products and practices meet global privacy and emerging AI regulations. You will not just interpret rules, you’ll translate them into practical, scalable processes that ensure compliance while optimizing product innovation and company growth.

Your work will directly impact how we safeguard the personal information of our customers, partners, and employees across domestic and international operations.

Why This Role Matters:

Docker is expanding its AI and cloud offerings. Privacy and AI compliance are central to how we build trust with customers and scale responsibly.

You will work directly with senior leadership and influence how privacy and AI governance evolve as our products grow.

This is high-visibility, high-impact work with real ownership and room to expand scope, based on need, as the company evolves.

Role Scope & Responsibilities:

• Lead privacy and AI risk assessments and audits for new and existing products

• Own DPIAs, maintain records of processing activities, and manage DSAR workflows

• Partner with Product and Engineering during launches to assess data use, retention, cross-border transfers, and AI implications

• Proactively recommend updates to DPAs, AI addendums, terms, and related legal documentation as products evolve

• Monitor and analyze changes in global privacy and AI regulations and advise leadership on required updates

• Collaborate with Legal, Compliance, IT, and Security to ensure privacy documentation, controls, and processes remain current and aligned with product changes

• Support investigation and resolution of privacy-related inquiries in partnership with Legal and Security

• Support customer privacy and security questionnaires alongside Sales, Deal Desk, and GRC

• Design and deliver internal privacy and AI training

• Improve and scale privacy tools, intake processes, and cross-functional workflows

Required Qualifications:

• Bachelor’s degree in Computer Science, Engineering, Law, or related field, or equivalent demonstrated professional experience

• 5+ years of hands-on experience in data privacy, data protection, and/or AI within a technology or SaaS company

• Demonstrated experience conducting privacy risk assessments, DPIAs, audits, and implementing mitigation measures

• Practical working knowledge of GDPR and CCPA/CPRA with day-to-day implementation experience

• Experience supporting or implementing AI governance practices, including assessing how AI systems use and process company or customer data

• AI-Native prompting capability.

• Experience collaborating with Security or GRC teams in regulated environments such as SOC 2 or ISO 27001

• Experience managing or materially contributing to DSAR processes and maintaining records of processing activities

• Experience working on DPAs and privacy-related contract terms

• At least one current privacy certification such as CIPP/E or CIPP/US (or equivalent)

Strongly Preferred:

• Direct experience operationalizing data privacy for developer-focused software

• Familiarity with emerging AI regulations such as the EU AI Act

• Familiarity with additional regulatory frameworks such as HIPAA or industry-specific compliance standards

• Experience delivering privacy or compliance training

• Experience supporting customer privacy and security questionnaires

• Experience working with privacy management tools or workflow systems

This role could be a great fit for someone who has been in the weeds building processes, working cross-functionally, and improving programs over time in a developer-focused company.

It is not a fit for someone who has not directly operationalized compliance inside a technology organization.

What to Expect -

First 30 Days:

• Meet with the Head of Legal to understand Docker’s privacy and AI vision

• Review existing privacy policies, documentation, and security controls

• Become familiar with Docker’s data flows and product architecture

• Build relationships with Product, Engineering, Sales, Deal Desk, Marketing, IT, and Security

• Begin supporting customer privacy and data protection questionnaires

First 90 Days:

• Establish a structured process for maintaining and updating Docker’s privacy and AI compliance program

• Deliver a data-driven 6-month and 12-month roadmap for privacy and AI program improvements

• Participate in customer calls to address privacy and AI-related questions

• Take ownership of privacy and AI components of customer data protection questionnaires

• Collaborate with Legal and outside counsel on privacy and AI-related contractual requests

One Year Outlook:

• Maintain strong working cadence with cross-functional teams

• Provide regular updates to Legal leadership on program maturity and risk posture

• Streamline and scale Docker’s privacy and AI program to support domestic and international growth

• Establish the privacy function as a trusted, proactive partner that enables product innovation and customer trust

Docker does not offer any type of visa sponsorship for this role.

We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 13, 2024.

Please see the independent bias audit report covering our use of Covey here.

Perks

• Freedom & flexibility; fit your work around your life

• Designated quarterly Whaleness Days plus end of year Whaleness break

• Home office setup; we want you comfortable while you work

• 16 weeks of paid Parental leave

• Technology stipend equivalent to $100 net/month

• PTO plan that encourages you to take time to do the things you enjoy

• Training stipend for conferences, courses and classes

• Equity; we are a growing start-up and want all employees to have a share in the success of the company

• Docker Swag

• Medical benefits, retirement and holidays vary by country

• Remote-first culture, with offices in Seattle and Paris

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.

#LI-REMOTE