- Maintain and expand existing PCI, GDPR, and CCPA programs including policies, documentation, audit readiness, and internal controls.
- Manage SOC 2 controls in partnership with Engineering and Security teams and run the annual audit with external partners.
- Oversee vendor compliance reviews and risk assessments.
- Monitor regulatory changes, lead privacy impact assessments, and serve as the point person for compliance, privacy, and legal inquiries.
- Build the legal operations function from the ground up, including contract intake, review workflows, repository organization, and playbooks.
- Coordinate contract review with outside counsel and manage legal spend.
- Oversee trademark filings, renewals, and IP strategy.
Risk Management, SaaS