Senior Counsel

November 5

Apply Now

Receive Emails with Similar Jobs

Chainguard

WebsiteLinkedInAll Job Openings

Security • SaaS • Cybersecurity

Chainguard is a company that specializes in building secure container images to enhance software security and compliance. Their products include low-to-zero CVE container images, which are updated daily to maintain security and compliance standards such as FedRAMP, NIST 800-53, PCI-DSS, SOC2, and CIS benchmarks. Chainguard focuses on reducing vulnerabilities, automating compliance, and supporting development workflows without compromising on innovation and productivity. The company serves a wide range of industries, including highly regulated sectors, by providing hardened image solutions to mitigate software supply chain risks and enhance application security.

51 - 200 employees

Founded 2021

🔐 Security

☁️ SaaS

🔒 Cybersecurity

📋 Description

• You are an experienced privacy and commercial privacy attorney who owns customer/vendor DPA and Security Addendum negotiations end to end and runs day-to-day privacy tasks (notice updates, DSARs, DPIAs/PIAs, cookies, data mapping). • You’ll track and translate evolving frameworks (EU AI Act, NIS2, Cyber Resilience Act, DORA, and various U.S. state privacy/AI laws) into crisp guidance, templates, and playbooks that help the business move faster. • Ensure our global processing complies with all applicable data protection laws, including CCPA and GDPR. • Provide key privacy/AI insights to partner teams for vendor due diligence and third-party tooling security assessments. • Run core privacy program work: update and draft global privacy notices, handle DSARs, complete DPIAs/PIAs, manage cookie compliance, and maintain data maps/inventories. • Track and implement regulatory requirements (EU AI Act, NIS2, Cyber Resilience Act, DORA, and various U.S. state privacy/AI laws) and turn them into practical, business-ready guidance. • Partner cross-functionally and level up our legal operations (templates, playbooks, regulatory gap assessments, sales-enablement slides to educate customers on how we are tackling new privacy challenges, and white papers). • Jump in with general legal support as needed.

🎯 Requirements

• JD from an accredited law school; active bar in at least one U.S. state (or eligible for in-house counsel registration). • 6+ years of privacy and/or commercial privacy experience (global law firm + in-house mix ideal), familiarity with U.S. state privacy laws, and comfort with EU frameworks. • In-depth privacy expertise interpreting local and international AI laws, regulations, and frameworks. Hands-on experience building out DSAR processes, conducting DPIAs/PIAs, drafting global privacy and employee notices, and overseeing cookie compliance. • Working knowledge of, or keen interest in, open-source licensing in commercial settings. • Clear, pragmatic communicator with excellent stakeholder management; thrive in fast-moving, multi-threaded environments. • Bonus: experience in technology, cybersecurity, open source, or SaaS companies; incident-response exposure is a plus; CIPP/US and/or CIPP/E preferred.

🏖️ Benefits

• Flexible & Remote-First Culture: Work remotely with team meetup opportunities, bi-annual destination summits, and a monthly stipend for coworking spaces, phone and internet costs. • Our Approach to Equity: Receive stock options upon hire and promotion. Plus, you can participate in secondary offerings and have 10 years to exercise your options (yes, you read that correctly: 10 years!). • 100% Covered Health Insurance: We cover 100% of your health, vision and dental insurance premiums for you and your dependents. Nothing comes out of your paycheck. • ∞ Flexible Time Off: Take the time you need – to do our best work, we need to recharge and reset. • 18 Weeks Paid Parental Leave: We offer 18 weeks for birthing parents and 12 weeks for non-birthing parents, with the option to use it all at once or throughout your child's first year.