Privacy & Compliance Coordinator

Summary: GC AI is the fastest-growing and most trusted legal AI platform for in-house legal teams. The Privacy & Compliance Coordinator will support the company's security questionnaire process and daily privacy and compliance operations, ensuring accurate responses to customer inquiries and maintaining compliance as the company scales. Responsibilities: - Assist with the security questionnaire process: draft responses using existing templates and the centralized answer repository, coordinate with internal subject matter experts, and track deadlines - Help maintain and update the centralized repository of security questionnaire responses under the guidance of your manager - Support privacy and compliance program operations, including updating records of processing activities, data maps, and policy documentation - Assist with preparation for and maintenance of security certifications and frameworks (SOC 2, ISO 27001, etc.) by gathering evidence and organizing documentation - Track privacy and compliance regulatory developments flagged by the Legal team, and help keep internal tracking materials current - Coordinate with Security Engineering to collect technical inputs for questionnaire responses and compliance documentation - Support internal audits, vendor assessments, and third-party due diligence requests by compiling requested materials - Help maintain and update GC AI's privacy policies, cookie policies, and customer-facing compliance documentation as directed - Assist the Legal team with DPA-related tasks such as logging requests, tracking status, and organizing executed agreements - Take on additional projects and tasks as needed in response to the evolving needs of a fast-growing startup Required Qualifications: - Bachelor's degree - 0-2 years of professional experience (internships, co-ops, or part-time roles count) - Strong organizational skills with the ability to track multiple tasks and deadlines with close attention to detail - Excellent written communication: you can write clearly, accurately, and concisely - High attention to detail and a low tolerance for errors - Comfort learning new software tools quickly (Google Workspace, Slack, project management tools) - Genuine interest in privacy, data protection, information security, or compliance as a career path - A proactive attitude: you follow instructions carefully, ask good questions when something is unclear, and don't let tasks fall through the cracks Preferred Qualifications: - 2-5 years of professional experience - Coursework, internship, or early career experience in privacy, compliance, information security, legal operations, or a related field - Exposure to security questionnaires, RFPs, or compliance assessments in any capacity - Familiarity with concepts like SOC 2, ISO 27001, GDPR, or CCPA (even from coursework or self-study) - Privacy or security certification in progress or planned (CIPP/US, CIPP/E, CIPM, CompTIA Security+, or similar) - Experience with tools like Vanta, Drata, OneTrust, or Whistic - Experience working in or interning at a SaaS, AI, or legal technology company - You are already a GC AI user Required Skills: Privacy compliance, Data protection, Security questionnaires Nice-to-Have Skills: Learning new software Benefits: Equity for all full-time roles, Exceptional benefits, Commission plans for applicable roles