Senior Compliance Manager

About The Position

Requirements

• 5–10+ years in compliance, risk, IT audit, or security governance roles
• Experience building, implementing, and maintaining compliance programs, including audits and risk assessments
• Strong knowledge of frameworks such as GDPR, SOC 2, PCI DSS, ISO 27001
• Experience managing audits and working with external auditors
• Ability to translate regulatory requirements into practical business processes
• Strong judgment and ability to interpret and apply regulatory requirements in a practical, business-oriented way
• Experience with compliance automation tools, preferably Vanta, including managing controls and audit workflows

Nice To Haves

• Experience in SaaS, fintech, payments, healthcare, or other data-heavy environments
• Strong product and technical understanding, with ability to partner effectively with Product and Engineering teams
• Experience supporting enterprise sales (e.g., security questionnaires, RFPs, customer compliance requests)
• Deep expertise in one or more security/compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001)
• Familiarity with vendor risk management and subprocessor oversight
• Experience operating across US, UK, and EU regulatory environments
• Certifications in compliance, audit, or security (e.g., CISA, CISM, CISSP, ISO Lead Auditor)

Responsibilities

• Own and scale the company’s global compliance program across regulatory, security, and privacy frameworks
• Lead external audits and certifications (SOC 2, PCI DSS, ISO 27001), including preparation, execution, and remediation
• Develop and maintain policies, controls, and governance frameworks aligned with business needs
• Partner with Sales and Customer teams to support security reviews and enterprise deals
• Drive vendor risk management and third-party compliance processes
• Identify, assess, and mitigate compliance and security risks across the organization
• Apply a risk-based approach to compliance, making informed trade-offs that balance regulatory requirements with business and product needs
• Monitor and manage compliance incidents, requests, and inquiries, ensuring timely resolution and appropriate escalation
• Leverage tools (e.g., Vanta) to track compliance posture, automate workflows, and improve reporting
• Build and deliver internal compliance training and awareness programs across the organization
• Serve as a key advisor to the General Counsel and leadership team on compliance strategy, risk, and business trade-offs

Benefits

• Fully remote work from the comfort of your home
• Generous time off policy of 21 days (birthday included 🎉), 8 designated/floating holidays, 2 paid volunteer days, and 5+ sick days (dependent on state)
• Employer-sponsored health insurance plan through TriNet, including medical (United Healthcare), dental, vision, and life
• 401(k) retirement plan via TriNet's partner, Empower, with an employer match of up to 4%
• Reimbursement package for home office expenses and professional development, up to $1.5k
• Eligibility for employee equity plan (stock options)
• Wellness program with fitness and mindfulness classes
• Love your work and our mission of serving nonprofits!