Job Title

Head of Legal & ComplianceLocation: Toronto, ON (Hybrid)Department: Legal & ComplianceReports to: CEO / Co-FoundersType: Full-time, PermanentSalary: C$140,000Website: https://prospeo.ioLinkedIn: https://www.linkedin.com/company/%CF%81r%CE%BF%D1%95%D1%80%D0%B5%CE%BF/About ProspeoProspeo is a B2B SaaS sales intelligence platform trusted by thousands of sales teams worldwide. We help businesses find verified contact data with 97%+ accuracy through triple verification. Our team of 20 is growing fast, and we are looking for our first dedicated legal and compliance hire to build the foundation that will support our next phase of growth.The RoleAs our Head of Legal & Compliance, you will be the single owner of everything legal, regulatory, data privacy, security compliance, and accounting coordination at Prospeo. This is a hands-on, individual contributor role with full autonomy. You will report directly to the co-founders, build our compliance infrastructure from the ground up, and serve as our Data Protection Officer (DPO). You will also be responsible for sourcing and managing the relationship with an external accounting firm, setting up the tools and processes to keep our financial records organized and audit-ready. On the HR side, you will handle lightweight people operations (time-off tracking, pay stubs, onboarding paperwork) using our existing HR software.This is a role for someone who thrives in ambiguity, builds systems from scratch, and uses AI as a daily tool to multiply their output. You will not manage a team (yet), but you will own a function that touches every part of the business.ResponsibilitiesLegal & Data Privacy (Core)Serve as the company's Data Protection Officer (DPO) and primary legal authorityOwn and manage our GDPR and CCPA compliance framework end to end, including data subject requests, data processing agreements, and privacy policiesDraft, review, and negotiate commercial contracts, terms of service, DPAs, NDAs, and partnership agreementsHandle regulatory registrations and filings across all jurisdictions where Prospeo operatesBuild and maintain internal compliance policies, training materials, and documentationServe as the go-to resource for all legal questions across the company, leveraging AI tools to accelerate research and draftingSecurity & Certification ComplianceLead our SOC 2 Type II and ISO 27001 certification processes using Vanta (or similar compliance automation platform)Work directly with our engineering team to implement security controls, policies, and monitoring required for certificationCoordinate with external auditors and manage the audit lifecycle from readiness assessment through completionMaintain ongoing compliance monitoring and ensure continuous adherence to certification requirementsAccounting CoordinationSet up and manage Dext (or equivalent) for invoice capture, receipt management, and expense categorizationSource, select, and manage the relationship with an external accounting firm for bookkeeping, tax filings, and financial reportingEnsure invoices, receipts, and financial records flow smoothly to the accounting firm on an ongoing basisCoordinate annual and quarterly tax reporting with the external firmPeople Operations (Lightweight)Manage time-off tracking, pay stubs, and basic HR administration using our existing HR softwareHandle onboarding and offboarding paperwork for new hires and departuresEnsure the company remains compliant with Canadian employment and labor lawRequirementsMust Have5+ years of experience in legal, compliance, or legal operations at a B2B SaaS or data-focused companyHands-on experience building (not just maintaining) a compliance program, including at least one SOC 2 or ISO 27001 auditDeep practical knowledge of GDPR and CCPA, including managing data subject requests and drafting DPAsExperience working with compliance automation platforms (Vanta, Drata, Secureframe, or similar)Comfort liaising with external accounting firms and managing financial documentation workflowsStrong contract drafting and review skillsProficient in using AI tools (e.g. ChatGPT, Claude) to accelerate legal research, contract drafting, policy writing, and compliance workflows, while applying your own expertise to validate and refine every outputHighly autonomous and self-directed; able to operate with minimal supervision in a fast-paced startup environmentFluent in EnglishNice to HaveCIPP/E, CIPM, or equivalent data privacy certificationLaw degree or paralegal background (not required)Experience with Dext or similar bookkeeping automation toolsFamiliarity with Canadian corporate and employment lawExperience in the sales intelligence or data enrichment industryPrior experience as a designated DPOWhat We OfferCompetitive salary: C$140,000Full ownership of a critical function with a direct line to the co-foundersHybrid work setup in Toronto, mostly remote.Growth opportunity in a young startup, performance review every 6 months.AI-forward environment: we actively encourage using AI tools to work smarter and faster