Aimed at mid-level commercial lawyers with SaaS and cybersecurity expertise who thrive in AI-driven legal operations.
Derived from job-description analysis by Serendipath's career intelligence engine.
Original posting from Securityscorecard via Greenhouse
About SecurityScorecard:
SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint.
Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.” SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.
About the Role
SecurityScorecard is transitioning from the global leader in cybersecurity ratings to the pioneer of Agentic TPRM — a future where autonomous, AI-driven workflows transform how organizations understand and manage third-party risk at scale. As we accelerate this transformation, Team Legal plays a mission-critical role in enabling the commercial velocity that fuels it.
We are seeking a sophisticated, high-caliber Commercial Counsel to join the team and serve as a trusted strategic partner to our go-to-market and technology organizations. This is not a paper-shuffling contract role — we want a lawyer who brings genuine business judgment, commercial creativity, and a command of the legal landscape surrounding AI, cybersecurity, and SaaS. You will be embedded deeply in the business, counseling across a wide range of complex commercial, regulatory, and strategic issues, and you will be expected to build and modernize the legal infrastructure that supports a company moving at startup speed with enterprise stakes.
Reporting to the General Counsel, this role will collaborate closely with all members of Team Legal as well as Sales, Finance, Partnerships, Product, and Privacy. You will be a core driver of legal operational excellence and a steward of the company's commitment to agentic, AI-native workflows — including the automation and intelligent management of our global contracting processes.
Core Mandate
Commercial Excellence: You bring deep fluency in complex SaaS, data, and technology contracts. You close deals thoughtfully and fast, protecting the company without being a roadblock to growth.
Agentic & AI-Native Mindset: You embrace AI-powered legal tools and automation as first-line instruments — not afterthoughts. You will actively contribute to and champion the buildout of automated contracting, AI-assisted contract review, and scalable legal workflows aligned with our Agentic TPRM vision.
Strategic Business Partnership: You earn trust by being a practical, solutions-oriented partner who understands that legal is a business function. You balance risk and opportunity with sound judgment.
Operational Rigor: You help build the infrastructure of Team Legal — playbooks, escalation frameworks, metrics, and processes that make the legal function faster, smarter, and more transparent.
Product & Regulatory Awareness: You stay ahead of the evolving legal landscape in cybersecurity, AI, and data privacy, advising the business on how these issues intersect with our products and commercial relationships.
Key Responsibilities
Review, draft, and negotiate a broad range of commercial agreements, including enterprise SaaS agreements, data processing addenda, partnership and reseller agreements, professional services agreements, technology vendor contracts, and NDAs — with a strong emphasis on high-value and high-complexity enterprise deals.
Serve as the primary legal point of contact for the Sales organization, providing responsive, practical guidance that enables deal velocity without sacrificing legal integrity.
Counsel the business on legal issues arising from SSC's AI-powered and agentic product capabilities, including issues related to data use, model liability, intellectual property, and evolving regulatory requirements.
Develop and maintain contract playbooks, standard forms, fallback positions, and internal approval frameworks to create consistency, speed, and scalability across commercial contracting.
Lead and advance Team Legal's automation and AI adoption efforts — evaluating and implementing contract lifecycle management tools, AI-assisted review platforms, and other legal tech solutions aligned with the company's broader Agentic TPRM roadmap.
Work with Team Legal on cross-functional legal matters including data privacy (GDPR, CCPA, and emerging frameworks), intellectual property, employment law, regulatory compliance, and corporate governance.
Track and report on key legal metrics (cycle time, deal volume, escalation patterns, risk exposure) to support data-driven decision-making within Team Legal and with executive stakeholders.
Contribute to the ongoing development of Team Legal's operational processes, ensuring the function scales effectively as the business grows.
Required Qualifications
JD from an accredited law school; licensed to practice law in at least one U.S. state.
5–8 years of commercial legal experience, with a meaningful combination of law firm and in-house roles. Prior in-house experience at a SaaS, cybersecurity, or technology company strongly preferred.
Demonstrated mastery of enterprise technology and SaaS contracting, including deep familiarity with data processing agreements, IP ownership and licensing provisions, limitation of liability structures, and SLA frameworks.
Proven ability to manage high deal volumes with speed and quality, building trust with Sales and Go-To-Market teams as a true enabler.
Excellent written and verbal communication skills, with the ability to explain complex legal concepts clearly to non-lawyers and executive stakeholders.
Sound judgment and intellectual honesty — you know when to hold firm and when to be pragmatic, and you communicate your reasoning clearly.
Comfort operating in ambiguity, managing competing priorities, and making quality decisions under time pressure.
Genuine enthusiasm for AI, automation, and legal technology as tools for transforming how legal work gets done.
Bonus Qualifications
Experience advising on AI product features, machine learning data rights, or the commercialization of AI-powered offerings.
Background in or strong familiarity with cybersecurity, third-party risk management, or the regulatory frameworks governing them (e.g., NIST, ISO 27001, NIS2, DORA).
Experience implementing or administering contract lifecycle management (CLM) platforms or other legal tech tools.
Familiarity with global data protection regimes (GDPR, CCPA/CPRA) and how they intersect with enterprise commercial agreements.
Keys to Success
You show up as a business partner first and a lawyer second — without ever compromising your professional obligations.
You are proactively curious about SSC's products, customers, and competitive landscape, and that curiosity makes you a better counselor.
You bring a strong sense of ownership: you identify problems and fix them, rather than waiting to be asked.
You operate with urgency and a bias toward action, while remaining thoughtful about risk.
You embrace SSC's agentic, AI-native culture and actively look for ways to apply automation and intelligent tools to your own work.
You are a collaborative team player who elevates every