Legal Intern

What this role is

We don't have internal general counsel. What we do have is a growing portfolio of client projects that touch sensitive data, regulated industries, and the kinds of decisions that benefit from someone who's read the statute — not just the blog post about it.

This is a working role. You'll be embedded with the team, reading the actual contracts, reviewing the actual data handling, and flagging the actual risks. Not filing. Not coffee.

What you'll be doing

• Drafting and reviewing customer contracts, service agreements, and engagement terms
• Maintaining and updating our data compliance documentation as regulations evolve
• Reviewing client projects during development to validate that data handling practices meet applicable compliance requirements — HIPAA, CCPA, GDPR, and others as relevant
• Coordinating with our external counsel on matters that require bar-licensed sign-off
• Helping define how we handle PHI, PII, and other regulated data types — storage, residency, retention, and access controls — across client engagements
• Building out the internal legal infrastructure a growing software company actually needs

What we're looking for

You're in your third year of law school. You've thought seriously about tech law, privacy, or corporate practice — not because someone told you it was a growth sector, but because you find it interesting. You're comfortable reading a technical spec and asking the right questions about what it means for data liability.

You don't need to know how to write React. You do need to understand what it means when a React app sends user data to a third-party API — and what obligations that creates under HIPAA, CCPA, GDPR, or whatever framework governs that client's data.

Term

This is a fixed-term internship running August 27, 2026 – April 8, 2027.

What happens after

This internship has a defined end date. That said, we're a growing company and this role sits at the intersection of two areas we're actively building out — internal legal infrastructure and client-side compliance advisory. For the right person, there's a real path forward here, whether that's a general counsel function or a product-side role helping clients navigate data regulations through the full lifecycle of a technology engagement.

Qualifications

• 3rd-year law student (or entering final year at time of internship)
• 1–2 years of relevant work experience (legal, compliance, cybersecurity, or adjacent fields)
• Demonstrated interest in data privacy, technology law, or regulatory compliance
• Ability to read and interpret contracts, statutes, and regulatory frameworks
• Comfortable working alongside engineers and understanding technical data flows at a conceptual level
• Strong written communication skills — especially in translating legal risk into clear, actionable guidance
• High attention to detail when reviewing contracts, data handling practices, and compliance documentation

Nice to Have

• Exposure to frameworks such as HIPAA, CCPA, or GDPR
• Experience with contract drafting or legal clinics
• Familiarity with cybersecurity concepts or incident response
• Interest in building legal infrastructure within a startup or early-stage company

How to apply

Send your resume to careers@glacode.com with a brief intro, your law school, your expected graduation date, and anything that's relevant — a clinic you worked, a paper you wrote, a compliance problem you found interesting. External counsel we work with may be involved in the hiring conversation.