ABOUT BASETEN
Baseten powers mission-critical inference for the world's most dynamic AI companies, like Cursor, Notion, OpenEvidence, Abridge, Clay, Gamma and Writer. By uniting applied AI research, flexible infrastructure, and seamless developer tooling, we enable companies operating at the frontier of AI to bring cutting-edge models into production. We're growing quickly and recently raised our $300M Series E, backed by investors including BOND, IVP, Spark Capital, Greylock, and Conviction. Join us and help build the platform engineers turn to to ship AI products.
THE ROLE
Baseten is AI inference infrastructure — we run the models our customers bring, reliably and at scale. That position shapes everything about how we approach AI law, privacy, and regulation. Our customers control model selection, training data, and safety decisions; we comply as the infrastructure layer and as a processor under our DPA. We're hiring an Assistant General Counsel, AI, Privacy & Governance to own that regulatory spine.
This is a build role at the intersection of AI regulation, data protection, export controls, and security. You'll be the owner of Baseten's position under emerging AI law, the architect of our privacy program, and the legal partner to Security and Compliance as we pursue and maintain certifications. You'll also be a commercial enabler — supporting Model Labs and partnership deals where these questions are most acute, and pitching in on customer and Sales deals alongside the rest of the team. Your center of gravity is Baseten's regulatory program — AI law, privacy, export, and governance — and that work comes first even as you support live deals.
RESPONSIBILITIES
- Own Baseten's legal and regulatory positioning under AI regulation — the EU AI Act, U.S. state AI laws, NIST AI RMF, and emerging frameworks
- Lead export and trade compliance, including BIS / EAR advanced-computing and semiconductor controls, end-use / end-user diligence, and sanctions screening as they apply to compute access and model distribution — owning the policy and screening framework that Commercial and Infra & Compute apply in their deals
- Build and run the privacy program: GDPR / CCPA compliance, the DPA and sub-processor framework, data-subject requests, cross-border transfer mechanics, and Baseten's posture as a processor
- Own the governance and controls layer for certifications — SOC 2, ISO/IEC 42001, HIPAA-eligible configurations — partnering with Security and Compliance on policy lifecycle, controls testing, evidence, and audit / regulator readiness
- Translate regulatory obligations into operational controls, documentation, and training that engineering, product, and GTM teams will actually adopt
- Serve as legal partner to the Security and GRC organizations on regulated-data handling, customer and auditor assurance, and risk-acceptance decisions
- Support Model Labs and partnership agreements on AI-law, privacy, export, and IP-provenance terms; support customer and Sales deals on the same as needed
- Advise the CLO and leadership on regulatory risk, monitor the evolving landscape, and recommend readiness plans for new or amended regimes
- May assist on M&A and other strategic or one-off transactions as needed
REQUIREMENTS
- JD and active bar membership in good standing
- 8+ years across some combination of AI / tech regulatory, privacy, export / trade controls, and compliance / governance work, with in-house time at a technology, cloud, or infrastructure company
- Working command of data-protection frameworks (GDPR, CCPA) and the operational mechanics of a privacy program — not just the doctrine
- Familiarity with AI governance frameworks (EU AI Act, NIST AI RMF, ISO/IEC 42001) and security / assurance regimes (SOC 2, ISO 27001)
- Demonstrated ability to operationalize a regulatory regime end to end — controls, documentation, testing, reporting — in genuine ambiguity
- Strong cross-functional skills: you can partner credibly with Security, Engineering, and Compliance and turn obligations into controls
- Commercially grounded; comfortable supporting live deals and making measured, informed risk calls
- The ability to learn, build, and master AI tooling and systems to self-serve and operate at breakneck speed
- A desire to become a recognized thought leader in your field
NICE TO HAVE
- Direct experience with BIS / EAR export controls, CFIUS, or trusted-supplier / country-of-origin programs
- Experience standing up or scaling a privacy or compliance program from an early stage
- Relevant certifications (CIPP/E, CIPM, IAPP AIGP, or comparable)
- Exposure to AI-specific contracting — model licensing, data provenance, training-data representations
- Experience at an AI, ML, or developer-infrastructure company
BENEFITS
- Competitive compensation, including meaningful equity.
- 100% coverage of medical, dental, and vision insurance for employee and dependents
- Flexible PTO policy including company wide Winter Break (our offices are closed from Christmas Eve to New Year's Day!)
- Paid parental leave
- Fertility and family-building stipend through Carrot
- Company-facilitated 401(k)
- Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities.
Apply now to embark on a rewarding journey in shaping the future of AI! If you are a motivated individual with a passion for machine learning and a desire to be part of a collaborative and forward-thinking team, we would love to hear from you.
At Baseten, we are committed to fostering a diverse and inclusive workplace. We provide equal employment opportunities to all employees and applicants without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status.
We are an Equal Opportunity Employer and will consider qualified applicants with criminal histories in a manner consistent with applicable law (by example, the requirements of the San Francisco Fair Chance Ordinance, where applicable).