Skip to Content

Legal & Compliance Counsel

Legal Contract

DPAs, privacy, subprocessors, and registrar contracts

Apply for this role Applied before? Sign in to track your applications →

We route other companies' traffic, terminate TLS for domains we do not own, and touch DNS across many providers. That means real legal and compliance surface: data processing agreements, privacy law, a subprocessor chain, and contracts with registrars and DNS providers. This is a contract role for counsel who can handle privacy and commercial work for an infrastructure product and give plain, practical answers rather than long memos. You will help us build a compliance posture our customers can trust and verify.

What you will do

  • Draft and maintain our data processing agreements and keep the subprocessor list accurate as our provider and infrastructure chain changes.
  • Own privacy compliance, including GDPR and CCPA, for a product that proxies traffic and handles domain and DNS data.
  • Build our customer MSAs and terms so they are fair, clear, and hold up when an enterprise customer's legal team reads them.
  • Handle the registrar, reseller, and ICANN-adjacent contracts that sit under our domain search, purchase, and transfer flows.
  • Support our security and compliance posture, including the documentation customers ask for during vendor review.

What we are looking for

  • You have done privacy and commercial work for a SaaS or infrastructure company and know DPAs and subprocessor obligations well.
  • You are fluent in GDPR and CCPA and can apply them to a product that handles traffic and DNS data, not just marketing lists.
  • You draft contracts that are clear and defensible, and you explain the tradeoffs in plain language.
  • You are comfortable being the practical legal partner to a small team that moves quickly.

Bonus

  • You have worked on registrar, reseller, or ICANN-adjacent agreements.
  • You have helped a company reach SOC 2 or a similar security posture and know what customers actually ask for.
  • You have supported infrastructure or developer-tools companies where the data flow itself is the legal question.

Where we stand

Equal opportunity employer

We hire on merit and welcome everyone.

Reasonable accommodations

Available for disability and pregnancy, on request.

Participates in E-Verify

We confirm work authorization only after you accept an offer.

No salary history asked

We never ask what you earned before.

Your data, protected

Applicant privacy notice covering GDPR and CCPA.

Custom Domain is an equal opportunity employer. We do not discriminate in hiring or employment on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, genetic information, or any other characteristic protected by applicable federal, state, or local law. All employment decisions are based on qualifications, merit, and business need.

Custom Domain participates in E-Verify. We provide the U.S. Department of Homeland Security and the Social Security Administration with information from each new employee's Form I-9 to confirm authorization to work in the United States. We use E-Verify only after you have accepted a job offer and completed Form I-9.

If you need a reasonable accommodation to take part in the application or interview process, write to accommodations@customdomain.ai. We will work with you on accommodations for qualified individuals with disabilities and for known limitations related to pregnancy, childbirth, or related medical conditions.

Applicants have rights under federal employment laws. See the EEOC Know Your Rights notice, and review our Applicant Privacy Notice. We do not ask for your salary history.