Big Ideas. Real People.

At Orca, in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high, has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod.

We’re looking for driven and talented people like you to join our CISO team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?

Highlights:

• High-growth: Over the seven years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud, so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

About the role:

We are seeking an experienced Regulatory Compliance Counsel to lead and strengthen our global privacy and regulatory compliance program, with a strong focus on enterprise customer engagements and contractual compliance. This role combines internal privacy governance with extensive customer facing compliance work in a fast growing global technology environment.

Key Responsibilities -

Customer & Contractual Compliance (Primary Focus)

• Lead privacy and regulatory engagements with B2B enterprise customers
• Support contract negotiations related to privacy, data protection, and compliance commitments
• Review and negotiate DPAs, security addendums, and regulatory clauses
• Support RFI/RFP processes and enterprise due diligence
• Complete privacy & security questionnaires
• Participate in customer compliance and audit calls
• Maintain and govern the company Trust Center

Privacy Governance

• Lead privacy-by-design across product development and system changes
• Conduct and manage DPIAs and Records of Processing
• Maintain and advance our ISO/IEC 27701 framework
• Oversee data mapping and privacy documentation

Regulatory Compliance

• Monitor and operationalize global regulations including:
• DORA
• FedRAMP
• Cyber Resilience Act
• AI-related regulations (EU AI Act)
• Manage corporate compliance policies and regulatory gap assessments

AI & Emerging Risk Governance

• Provide input on AI-related privacy and compliance considerations
• Support ISO 42001 (AI) roadmap and governance planning.

About you:

• 3+ years in Privacy, Compliance, Legal, or GRC roles
• Proven experience working with B2B enterprise customers
• Hands-on experience managing privacy and compliance engagements with international clients
• Experience reviewing and negotiating customer-facing privacy and compliance agreements (DPAs, security addendums)
• Strong experience with ISO 27701 and global privacy frameworks
• Experience supporting enterprise sales processes (RFI/RFP)
• Ability to work cross-functionally with Product, Security, Legal, and Sales
• Strong analytical and documentation skills
• Flexibility to work with international customers across different time zones

Nice to have:

• AI governance exposure
• Experience in SaaS / cloud environments