Job Description
GC AI is the fastest-growing and most trusted legal AI platform for in-house legal teams. We're building the future of legal work and we're doing it fast. You'll join at a pivotal moment—when decisions matter impact is immediate and the runway to shape your career is wide open. We’re a high-performing team where you'll have real ownership and influence from day one.
More than 1700 companies use GC AI to drive their business forward including 150+ public companies 25+ unicorns and brands such as News Corp Miro Bass Pro Shops Snyk Skims Liquid Death Vercel Zscaler and TIME.
We've 10x'd revenue in 12 months raised a $60 million Series B ($555 million valuation) and are growing faster than ever. We are backed by incredible investors including Scale Venture Partners Northzone Sound Ventures and Guillermo Rauch CEO of Vercel.
If you thrive when the stakes are high and the path isn't paved you'll love it here. Our six guiding principles are: 1% better every day customer obsession ship today find a way care deeply and own it completely. Come shape the future of legal work with us.
About The RoleAs Senior Privacy & Security Counsel you will own GC AI's privacy data protection and security compliance legal work reporting to the General Counsel initially. You will be the go-to lawyer for everything from GDPR and CCPA compliance to SOC 2 and ISO certification programs DPA negotiations and AI governance. You will partner with the Privacy & Compliance team on operational execution work alongside the commercial legal team on customer-facing data protection terms and advise product and engineering on privacy-by-design. At a company that builds legal AI you will also be shaping how privacy and security counsel work gets done in the future.
The Impact You Will HaveOwn GC AI's privacy and security legal posture across every regulatory framework that touches the business.
Serve as the internal subject matter expert that product engineering sales and the commercial legal team rely on for privacy and security guidance.
Directly enable enterprise deals by handling the DPA and security addendum negotiations
that sophisticated customers require.
Build and maintain the privacy and security playbook positions that scale with GC AI's growth.
Keep GC AI ahead of the regulatory curve on AI governance international privacy
frameworks and emerging US state privacy laws.
Own the legal framework for GC AI's SOC 2 ISO 27001 and ISO 42001 compliance
programs partnering with the GRC and Compliance team on operational execution.
Advise product and engineering on privacy-by-design data protection impact assessments and AI governance requirements.
Own GC AI's regulatory compliance posture for GDPR CCPA/CPRA EU AI Act and emerging US state privacy laws.
Serve as the escalation point for complex DPA and security addendum negotiations working alongside the commercial legal team.
Directly handle DPA and security addendum redlines for strategic and high-value customer deals.
Maintain and evolve GC AI's standard DPA security addendum and Information Security Addendum templates and playbook positions.
Support enterprise sales by joining security calls with sophisticated prospects and responding to detailed security and privacy inquiries.
Assist with managing relationships with external auditors and compliance vendors (e.g. SOC 2 auditors penetration testing firms privacy tooling providers).
Advise on incident response legal obligations breach notification requirements and customer communications.
Own the legal review of the Trust Center security marketing claims and subprocessor disclosures.
Provide guidance on cross-border data transfers international privacy frameworks and jurisdiction-specific data protection requirements.
Assist with other compliance projects (including entity compliance management)
Take on additional projects and tasks as needed in response to the evolving needs of a fast- growing startup.
JD and active bar membership in at least one US jurisdiction.
5-10 years of privacy and security legal experience with a meaningful portion in-house at a technology or SaaS company.
Deep working knowledge of GDPR CCPA/CPRA and the broader US and international data protection regulatory landscape.
Experience supporting sales processes at a B2B SaaS company including security reviews procurement questionnaires and customer-facing calls.
Experience negotiating DPAs and data protection terms in a B2B SaaS context including GDPR Article 28 processor obligations standard contractual clauses and cross-border transfer mechanisms.
Demonstrated ability to work independently prioritize competing demands and deliver under pressure.
Comfort working at startup pace with ambiguity shifting priorities and limited precedent.
CIPP/US CIPP/E or similar privacy certification.
Experience with AI governance frameworks (EU AI Act NIST AI RMF) or ISO 42001.
Hands-on experience supporting security compliance programs (SOC 2 ISO 27001 or similar) including policy drafting audit support and gap analysis.
Background in cybersecurity incident response or breach management.
Experience at a high-growth startup or scale-up company (Series B through pre-IPO).
Prior big law firm experience in privacy data protection or technology transactions
This is a remote role unless you fall within the following parameters. If you live within approximately 50 miles of our San Mateo CA or Provo UT office the position follows a hybrid schedule with in-office days on Tuesdays Wednesdays and Thursdays.
GC AI is an equal opportunity employer that supports workplace diversity and does not discriminate on the basis of race color religion gender identity/expression national origin age military service eligibility veteran status sexual orientation marital status physical or mental disability or any other protected class. GC AI is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. #LI-GCAI
To protect yourself against phishing and recruitment fraud please note that GC AI only accepts job applications through our official careers page at https://gc.ai/careers and through sponsored jobs on LinkedIn. All legitimate communication from our team regarding job opportunities will come from a GC AI team member with a @gc.ai or @getgc.ai email address.
GC AI will never:
Refer you to external websites to apply
Conduct interviews over email chat platforms or messaging apps
Ask you to provide payment or purchase equipment
Request personal or financial information such as your mailing address social security number credit card numbers or banking information during the application process
Examples of fraudulent email addresses:
Any email address ending in @gmail.com @yahoo.com or other free email services
If you are contacted by someone claiming to be from GC AI via an unofficial channel or from a suspicious email address please do not share any information. Mark the communication as "phishing" or "spam" and do not respond.
Skills Required
- JD and active bar membership in at least one US jurisdiction
- 5-10 years of privacy and security legal experience with meaningful portion in-house at a technology or SaaS company
- Deep working knowledge of GDPR CCPA/CPRA and international data protection regulatory landscape
- Experience supporting sales processes at a B2B SaaS company including security reviews procurement questionnaires and customer-facing calls
- Experience negotiating DPAs and data protection terms including GDPR Article 28 processor obligations SCCs and cross-border transfer mechanisms
- Demonstrated ability to work independently prioritize competing demands and deliver under pressure
- Comfort working at startup pace with ambiguity shifting priorities and limited precedent
- CIPP/US CIPP/E or similar privacy certification
- Experience with AI governance frameworks (EU AI Act NIST AI RMF) or ISO 42001
- Hands-on experience supporting security compliance programs (SOC 2 ISO 27001) policy drafting audit support and gap analysis
- Background in cybersecurity incident response or breach management
- Experience at a high-growth startup or scale-up (Series B through pre-IPO)
- Prior big law firm experience in privacy data protection or technology transactions
GC AI Compensation & Benefits Highlights
How does GC AI ensure its pay and bonus plans are competitive?
GC AI ensures its pay and bonus plans are competitive through a structured and transparent compensation approach. The company publishes pay transparency uses defined pay bands with transparent earning potential and sets defined commission tiers and policies for applicable roles. Its compensation package also includes company equity and a 401(k) giving employees a clear view of both immediate pay and long-term financial upside.
GC AI reinforces that compensation philosophy with practices that create consistency and clarity across the employee experience. The company promotes from within supports learning and development and maintains defined working hours availability expectations and goal-setting through an OKR operating model. For job seekers that signals a workplace where compensation is tied to clearly established expectations growth opportunities and a rewards structure designed to stay competitive as the company scales.
GC AI Insights
What We Do
GC AI is the leading legal AI platform built specifically for in-house teams to solve the high-precision workflows they face every day. With powerful features like Easy Prompt™ Exact Quote™ citations and native Microsoft Word integration GC AI enables legal professionals to be strategic business partners through faster and more accurate drafting reviewing researching and redlining. Purpose-built for sensitive high-stakes matters the platform leverages five large language models while maintaining enterprise-grade security as a SOC 2 Type II certified provider that never uses confidential data for training. Founded by three-time General Counsel Cecilia Ziniti and AI engineer Bardia Pourvakil GC AI is trusted by over 1600 legal teams globally including brands like News Corp Skims TIME Inc. Liquid Death and Vercel. Discover the difference of becoming an AI-powered lawyer. Try it free or book a demo at gc.ai.
Why Work With Us
GC AI offers a rare opportunity to join a high-growth category leader at the intersection of generative AI and deep legal expertise. Our culture is defined by a "1% better every day" philosophy favoring curious customer-obsessed builders who thrive in a high-ownership environment where they can see the immediate impact of their work.
Gallery
GC AI Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Many roles are eligible for remote work in the U.S. and Canada. For folks who live within 50 miles of our San Mateo CA or Provo UT offices we value in-person collaboration and work in the office on Tuesday Wednesday and Thursday.
Explore More
Date Posted
07/02/2026
Views
0
Similar Jobs
Full Stack Developer first UK - Better Futures Multi Academy Trust
Views in the last 30 days - 0
View Details
