Corporate Compliance Counsel

Who are we?

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.

We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies, including Siemens, Airbus, Salesforce, Stellantis, Adidas, Walmart, and Sanofi.

What are we looking for?

Checkmarx is seeking an experienced, execution-focused Corporate Compliance Counsel to scale and mature our global compliance, data protection, and regulatory programs. This role will build strategic compliance frameworks, drive enterprise-wide adoption of best practices, and oversee operational activities across GDPR, AI governance, DORA, sanctions/export controls, ESG, and related domains.

The ideal candidate combines deep subject-matter expertise with the ability to design, scope, and manage complex workplans. This leader will collaborate closely with technical, product, R&D, marketing, GRC, ESG, and commercial teams, while providing clear, data-driven updates to senior management and the board.

How will you make an impact?

GDPR & Data Protection

• Serve as the company’s privacy expert, leading gap analyses, remediation, and ongoing compliance activities (DPIAs, LPIAs, ROPAs).
• Draft and maintain privacy policies, procedures, and documentation.
• Manage data subject requests, complaints, and dispute resolution processes.
• Support the business with DPA drafting, negotiation, and privacy guidance.
  
  

• Lead the development of the company’s AI compliance and governance framework, including risk assessment, governance structure, and responsible AI practices.
• Partner with R&D, product, and GRC teams to operationalize responsible AI principles.
• Deliver internal training and monitor emerging AI regulatory standards and requirements.
  
  

• Support ESG policy development, reporting, and annual disclosures.
• Coordinate responses for ESG rating platforms and investor questionnaires.
• Manage ESG-related supply chain compliance and flow-down requirements.
  
  

• Oversee sanctions screening, partner diligence, and export control workflows.
• Manage reporting obligations and program updates in response to evolving regulatory or geopolitical conditions.
  
  

• Serve as subject matter expert on DORA, the EU AI Act, and other regulatory frameworks.
• Monitor global regulatory developments and advise internal stakeholders.
• Draft policies and develop training for technical and non-technical audiences.
• Manage junior compliance team members supporting sanctions, diligence, GDPR, and ESG work.
• Maintain visibility into operational metrics such as screening volumes, diligence activity, and related reporting.
  
  

• 8–12+ years of experience in compliance, with strong expertise in GDPR and growing experience in AI governance – MUST.
• Demonstrated ability to design and execute multi-workstream compliance programs.
• Proven policy drafting and training development skills.
• Strong cross-functional leadership and communication abilities, including experience working with engineering, product, and commercial teams.
• Ability to synthesize regulatory requirements into clear, actionable processes.
• Native-level written and spoken English is a must.
  
  

• Experience in technology, SaaS, cybersecurity, or other fast-paced, regulated environments.
• Certifications such as CIPP/E, CIPM, or AI governance-related credentialing.
• Familiarity with ESG frameworks and sanctions/export control regulations.