Assistant General Counsel – AI, Privacy & Governance

Baseten

Assistant General Counsel leading AI regulatory and governance initiatives at Baseten, a cutting-edge AI infrastructure company. Ensuring compliance with evolving AI laws and data protection regulations.

Posted 6/3/2026full-timeSan Francisco • California, New York • 🇺🇸 United StatesSeniorLead💰 $225,000 - $275,000 per yearWebsite

Tech Stack

Tools & technologies

Cloud

About the role

Key responsibilities & impact

Own Baseten's legal and regulatory positioning under AI regulation — the EU AI Act, U.S. state AI laws, NIST AI RMF, and emerging frameworks
Lead export and trade compliance, including BIS / EAR advanced-computing and semiconductor controls, end-use / end-user diligence, and sanctions screening as they apply to compute access and model distribution — owning the policy and screening framework that Commercial and Infra & Compute apply in their deals
Build and run the privacy program: GDPR / CCPA compliance, the DPA and sub-processor framework, data-subject requests, cross-border transfer mechanics, and Baseten's posture as a processor
Own the governance and controls layer for certifications — SOC 2, ISO/IEC 42001, HIPAA-eligible configurations — partnering with Security and Compliance on policy lifecycle, controls testing, evidence, and audit / regulator readiness
Translate regulatory obligations into operational controls, documentation, and training that engineering, product, and GTM teams will actually adopt
Serve as legal partner to the Security and GRC organizations on regulated-data handling, customer and auditor assurance, and risk-acceptance decisions
Support Model Labs and partnership agreements on AI-law, privacy, export, and IP-provenance terms; support customer and Sales deals on the same as needed
Advise the CLO and leadership on regulatory risk, monitor the evolving landscape, and recommend readiness plans for new or amended regimes
May assist on M&A and other strategic or one-off transactions as needed

Requirements

What you’ll need

JD and active bar membership in good standing
8+ years across some combination of AI / tech regulatory, privacy, export / trade controls, and compliance / governance work, with in-house time at a technology, cloud, or infrastructure company
Working command of data-protection frameworks (GDPR, CCPA) and the operational mechanics of a privacy program — not just the doctrine
Familiarity with AI governance frameworks (EU AI Act, NIST AI RMF, ISO/IEC 42001) and security / assurance regimes (SOC 2, ISO 27001)
Demonstrated ability to operationalize a regulatory regime end to end — controls, documentation, testing, reporting — in genuine ambiguity
Strong cross-functional skills: you can partner credibly with Security, Engineering, and Compliance and turn obligations into controls
Commercially grounded; comfortable supporting live deals and making measured, informed risk calls
The ability to learn, build, and master AI tooling and systems to self-serve and operate at breakneck speed
A desire to become a recognized thought leader in your field.

Benefits

Comp & perks

Competitive compensation, including meaningful equity.
100% coverage of medical, dental, and vision insurance for employee and dependents
Flexible PTO policy including company wide Winter Break (our offices are closed from Christmas Eve to New Year's Day!)
Paid parental leave
Fertility and family-building stipend through Carrot
Company-facilitated 401(k)
Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AI regulationexport compliancetrade complianceGDPR complianceCCPA complianceSOC 2ISO/IEC 42001HIPAAregulatory risk managementoperational controls

Soft Skills

cross-functional collaborationrisk assessmentcommunicationleadershipproblem-solvingadaptabilitystrategic thinkingnegotiationtrainingthought leadership

Certifications

JDactive bar membershipSOC 2 certificationISO/IEC 42001 certificationISO 27001 certification