Commercial Counsel

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint. 

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.”  SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

 

About the Role

SecurityScorecard is transitioning from the global leader in cybersecurity ratings to the pioneer of Agentic TPRM — a future where autonomous, AI-driven workflows transform how organizations understand and manage third-party risk at scale. As we accelerate this transformation, Team Legal plays a mission-critical role in enabling the commercial velocity that fuels it.

We are seeking a sophisticated, high-caliber Commercial Counsel to join the team and serve as a trusted strategic partner to our go-to-market and technology organizations. This is not a paper-shuffling contract role — we want a lawyer who brings genuine business judgment, commercial creativity, and a command of the legal landscape surrounding AI, cybersecurity, and SaaS. You will be embedded deeply in the business, counseling across a wide range of complex commercial, regulatory, and strategic issues, and you will be expected to build and modernize the legal infrastructure that supports a company moving at startup speed with enterprise stakes.

Reporting to the General Counsel, this role will collaborate closely with all members of Team Legal as well as Sales, Finance, Partnerships, Product, and Privacy. You will be a core driver of legal operational excellence and a steward of the company's commitment to agentic, AI-native workflows — including the automation and intelligent management of our global contracting processes.

 

Core Mandate

• Commercial Excellence: You bring deep fluency in complex SaaS, data, and technology contracts. You close deals thoughtfully and fast, protecting the company without being a roadblock to growth.
• Agentic & AI-Native Mindset: You embrace AI-powered legal tools and automation as first-line instruments — not afterthoughts. You will actively contribute to and champion the buildout of automated contracting, AI-assisted contract review, and scalable legal workflows aligned with our Agentic TPRM vision.
• Strategic Business Partnership: You earn trust by being a practical, solutions-oriented partner who understands that legal is a business function. You balance risk and opportunity with sound judgment.
• Operational Rigor: You help build the infrastructure of Team Legal — playbooks, escalation frameworks, metrics, and processes that make the legal function faster, smarter, and more transparent.
• Product & Regulatory Awareness: You stay ahead of the evolving legal landscape in cybersecurity, AI, and data privacy, advising the business on how these issues intersect with our products and commercial relationships.

 

Key Responsibilities

• Review, draft, and negotiate a broad range of commercial agreements, including enterprise SaaS agreements, data processing addenda, partnership and reseller agreements, professional services agreements, technology vendor contracts, and NDAs — with a strong emphasis on high-value and high-complexity enterprise deals.
• Serve as the primary legal point of contact for the Sales organization, providing responsive, practical guidance that enables deal velocity without sacrificing legal integrity.
• Counsel the business on legal issues arising from SSC's AI-powered and agentic product capabilities, including issues related to data use, model liability, intellectual property, and evolving regulatory requirements.
• Develop and maintain contract playbooks, standard forms, fallback positions, and internal approval frameworks to create consistency, speed, and scalability across commercial contracting.
• Lead and advance Team Legal's automation and AI adoption efforts — evaluating and implementing contract lifecycle management tools, AI-assisted review platforms, and other legal tech solutions aligned with the company's broader Agentic TPRM roadmap.
• Work with Team Legal on cross-functional legal matters including data privacy (GDPR, CCPA, and emerging frameworks), intellectual property, employment law, regulatory compliance, and corporate governance.
• Track and report on key legal metrics (cycle time, deal volume, escalation patterns, risk exposure) to support data-driven decision-making within Team Legal and with executive stakeholders.
• Contribute to the ongoing development of Team Legal's operational processes, ensuring the function scales effectively as the business grows.

 

Required Qualifications

• JD from an accredited law school; licensed to practice law in at least one U.S. state.
• 5–8 years of commercial legal experience, with a meaningful combination of law firm and in-house roles. Prior in-house experience at a SaaS, cybersecurity, or technology company strongly preferred.
• Demonstrated mastery of enterprise technology and SaaS contracting, including deep familiarity with data processing agreements, IP ownership and licensing provisions, limitation of liability structures, and SLA frameworks.
• Proven ability to manage high deal volumes with speed and quality, building trust with Sales and Go-To-Market teams as a true enabler.
• Excellent written and verbal communication skills, with the ability to explain complex legal concepts clearly to non-lawyers and executive stakeholders.
• Sound judgment and intellectual honesty — you know when to hold firm and when to be pragmatic, and you communicate your reasoning clearly.
• Comfort operating in ambiguity, managing competing priorities, and making quality decisions under time pressure.
• Genuine enthusiasm for AI, automation, and legal technology as tools for transforming how legal work gets done.

 

Bonus Qualifications

• Experience advising on AI product features, machine learning data rights, or the commercialization of AI-powered offerings.
• Background in or strong familiarity with cybersecurity, third-party risk management, or the regulatory frameworks governing them (e.g., NIST, ISO 27001, NIS2, DORA).
• Experience implementing or administering contract lifecycle management (CLM) platforms or other legal tech tools.
• Familiarity with global data protection regimes (GDPR, CCPA/CPRA) and how they intersect with enterprise commercial agreements.

 

Keys to Success

• You show up as a business partner first and a lawyer second — without ever compromising your professional obligations.
• You are proactively curious about SSC's products, customers, and competitive landscape, and that curiosity makes you a better counselor.
• You bring a strong sense of ownership: you identify problems and fix them, rather than waiting to be asked.
• You operate with urgency and a bias toward action, while remaining thoughtful about risk.
• You embrace SSC's agentic, AI-native culture and actively look for ways to apply automation and intelligent tools to your own work.
• You are a collaborative team player who elevates everyone around you and builds trust across the organization.

 

Benefits:

Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits. 

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. 

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies.  Please note that we do not provide immigration sponsorship for this position.   #LI-DNI