Head of Legal and Compliance

We’re looking for a Head of Legal and Compliance to join Aibidia and own our commercial legal engine, champion privacy and security, and shape the governance that powers our next stage of growth. As Aibidia’s Head of Legal and Compliance you’ll drive complex commercial negotiations, steer GDPR and infosec programmes, and partner with leadership to help us scale with confidence.

In this role, you’ll lead on the development of a robust legal and compliance framework that supports innovation while mitigating risk. You’ll work cross-functionally to embed best practices into every aspect of our operations, from contract lifecycle management to data protection strategy. Your expertise will help us navigate global regulatory landscapes, empower commercial teams with clear guidance, and ensure that trust and integrity remain at the heart of everything we do.

At our core, we’re a diverse, fast-growing company with 100+ employees from 27 nationalities, bringing expertise across Sales, Tax, Technology, Legal, Marketing, and Product. We’re backed by top-tier investors Activant, DN Capital, Global Founders Capital and Icebreaker VC, and we’re just getting started.

This role will be based in our vibrant HQ in Helsinki.. We have a hybrid working model with some flexibility to also contribute remotely.

What you’ll do

Core legal

• Draft, review, and negotiate a wide range of commercial agreements, including customer, vendor, partnership, licensing, and SaaS contracts.

• Advise management and the board on corporate governance, maintain corporate records, and ensure compliance with Finnish and EU corporate laws.

• Identify, assess, and mitigate legal risks across business activities with a can-do mindset, offering pragmatic, growth‑enabling solutions.

• Monitor and interpret changes in relevant laws and regulations across tech, privacy, employment, commercial, and consumer protection, and advise on business impact.

• Manage pre‑litigation and litigation matters as needed, coordinating external counsel and overseeing dispute resolution.

Compliance

• Lead or support implementation and maintenance of information security compliance frameworks (e.g. ISO 27001, SOC 2), including internal audits, gap assessments, and remediation planning.

• Serve as the subject matter expert on GDPR, ensuring compliance, handling data subject requests, and embedding Privacy by Design in product development.

• Develop, update, and roll out internal legal, privacy, and compliance policies. Deliver training to foster a culture of compliance.

• Lead or coordinate responses to data breaches, security incidents, and regulatory investigations, including communications with authorities and affected stakeholders.

• Oversee third‑party and vendor legal and compliance due diligence, ensuring contractual safeguards and adherence to Aibidia’s information security and privacy standards.

What you’ll bring

Must‑haves

• 8+ years post‑qualification experience, largely in‑house at tech companies or at leading firms supporting tech clients.

• Strong experience in commercial contract law, corporate law, and general business legal matters.

• Hands‑on involvement with information security frameworks such as ISO 27001 and SOC 2.

• Strong working knowledge of GDPR and practical experience implementing privacy programmes in a tech environment.

• Experience advising in scaleups or high‑growth tech companies, ideally post‑Series B or C.

• Ability to independently manage projects, prioritise competing demands, and communicate complex topics to non‑specialists.

• Track record of proactively identifying risks and implementing practical, business‑enabling solutions.

• Fluency in English. Finnish is a strong plus for regulatory and contractual work in Finland.

Nice to have

• Exposure to broader regulatory regimes, e.g., DORA, EU AI Act, or sector‑specific regulations.

• Experience with international expansion, cross‑border transactions, or multi‑jurisdictional compliance.

• Familiarity with ESG compliance or sustainability reporting.

• Background in regulated sectors such as fintech, payments, SaaS, or digital health.

• Relevant certifications: privacy (CIPP/E, CIPM), information security (CISM, CISSP), or compliance (ICA, ACAMS).

Our Benefits:

• A fair share of Aibidia's success, benefiting from a competitive compensation and incentive package.

• Flexible working hours with a hybrid working policy.

• Comprehensive healthcare package.

• Genuine drive towards physical and mental wellbeing, with initiatives by an internal organisational health and wellbeing committee.

• The latest technology to ensure you can do your best work with the best tools.

• A boost for your professional development - performance-based growth is part of the company culture and there is a designated learning budget for every employee.

• An opportunity to be part of a global, fast-growing SaaS company revolutionising a traditional industry.

• Regular team social events.

• A non-hierarchical atmosphere and stellar culture at the office.

We are committed to fostering an inclusive culture that celebrates diversity, we want you to bring you, no matter your background, gender, race or sexual orientation!