- Own the legal framework for SOC 2, ISO 27001, and ISO 42001 compliance programs.
- Advise product and engineering on privacy-by-design, data protection impact assessments, and AI governance.
- Manage regulatory compliance for GDPR, CCPA/CPRA, EU AI Act, and emerging US state privacy laws.
- Serve as the escalation point for complex DPA and security addendum negotiations.
- Handle DPA and security addendum redlines for strategic and high-value customer deals.
- Maintain standard DPA, security addendum, and Information Security Addendum templates.
- Support enterprise sales by participating in security calls and responding to privacy inquiries.
- Manage relationships with external auditors, penetration testing firms, and privacy tooling providers.
- Advise on incident response, breach notification, and customer communications.
- Review Trust Center content, security marketing claims, and subprocessor disclosures.