Are you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read on!
About Picus
Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.
The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation.
The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 98% recommendation in Gartner Peer Review.
About The Role
If you’re a results-driven early-career legal professional with an entrepreneurial mindset, this is a great opportunity to build your expertise in a fast-growing cybersecurity SaaS company. In this role, you will support the end-to-end legal and compliance operations that enable the global adoption of Picus Security Validation Platform.
As a Legal & Compliance Associate, you will work closely with our Commercial, Product, Security, and Operations teams to review contracts, support compliance programs, participate in audit processes, and help coordinate documentation for enterprise and government customers. This role is ideal for someone who is eager to learn, comfortable working in a dynamic environment, and enthusiastic about emerging technologies and AI-related regulatory developments.
We aim to deliver value through pragmatic legal guidance, strong regulatory awareness, and trusted relationships with customers and partners as we continue our digital transformation journey.
Picus is headquartered in Ankara, with a regional office in Istanbul, but our team is remote across Türkiye. Please note that all CVs must be submitted in English.
What You’ll Do
Support the review and drafting of commercial agreements, including Master Service Agreements, NDAs, Reseller/Partner Agreements, Purchase Agreements, and Managed Service Provider agreements.
Assist in coordinating contract negotiations with internal stakeholders and external partners.
Gain a deep understanding of Picus products and reflect product-specific requirements in legal documentation.
Prepare and coordinate documentation for RFP/RFI processes, including letters (MAF, non-blacklisting, compliance confirmations, specifications) and other mandatory forms for enterprise and government tenders.
Ensure timely collection of non-legal inputs from relevant teams and compile final submissions.
Act as a first-line contact for day-to-day compliance and privacy queries under the guidance of senior counsel.
Contribute to regulatory research and implementation efforts related to emerging frameworks such as the EU AI Act, DORA, and global data protection developments.
Assist in updating internal compliance policies and supporting adherence across departments.
Support ISO certification and SOC 2 audit processes in collaboration with the Information Security team.
Maintain accurate documentation, contract repositories, and compliance records.
Collaborate with remote teams across multiple geographies.
What You Have
Bachelor’s degree in Law. (Bar membership is a plus.)
2–3 years of experience in a legal, compliance, or contract-focused role; SaaS or technology sector experience is an advantage.
Strong command of written and spoken English.
Ability to understand and summarize legal concepts for non-legal teams.
Familiarity with commercial contracts, compliance frameworks, and data protection concepts.
Interest or experience in government tender processes.
Strong organizational skills and ability to manage multiple tasks with attention to detail.
Self-motivated, eager to learn, and comfortable working in a fast-paced startup environment.
Team-oriented mindset with experience working cross-functionally.
Understanding of cybersecurity products or standards is highly desirable.
Working at Picus
Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber-risk levels.
Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.
Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.
Be part of a global remote team who is taking on Exposure Validation and a growing market segment.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.
