Senior Compliance Manager (Fintech)

TL;DR

Senior Compliance Manager (Fintech/SaaS): Own and scale the company’s global compliance program across regulatory, security, and privacy frameworks with an accent on leading external audits and certifications (SOC 2, PCI DSS, ISO 27001). Focus on developing policies and controls, driving vendor risk management, mitigating risks, and partnering with Sales, Product, and Engineering teams to support enterprise deals and security reviews.

Location: Fully remote based in Europe (United Kingdom preferred)

Salary: UK: $90k-$120k USD (approx. £66k-£89k); EU: $70k-$90k USD (approx. €59k-€77k). Final compensation based on experience, skills, and location.

Company

SaaS platform enabling nonprofits to accept donations and manage payments.

What you will do

• Lead external audits and certifications (SOC 2, PCI DSS, ISO 27001), including preparation, execution, and remediation.
• Develop and maintain policies, controls, and governance frameworks aligned with business needs.
• Partner with Sales and Customer teams to support security reviews and enterprise deals.
• Drive vendor risk management and third-party compliance processes.
• Identify, assess, and mitigate compliance and security risks using a risk-based approach.
• Monitor compliance incidents, leverage tools like Vanta for automation and reporting, and deliver internal training programs.
• Advise General Counsel and leadership on compliance strategy and business trade-offs.

Requirements

• 5–10+ years in compliance, risk, IT audit, or security governance roles.
• Experience building and maintaining compliance programs, including audits and risk assessments.
• Strong knowledge of frameworks such as GDPR, SOC 2, PCI DSS, ISO 27001.
• Experience managing audits and working with external auditors.
• Ability to translate regulatory requirements into practical business processes.
• Experience with compliance automation tools, preferably Vanta.
• Strong product and technical understanding to partner with Product and Engineering.
• Experience supporting enterprise sales (security questionnaires, RFPs).

Nice to have

• Deep expertise in one or more security/compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001).
• Familiarity with vendor risk management and subprocessor oversight.
• Experience operating across US, UK, and EU regulatory environments.
• Certifications in compliance, audit, or security (e.g., CISA, CISM, CISSP, ISO Lead Auditor).
• Experience in SaaS, fintech, payments, healthcare, or other data-heavy environments.

Culture & Benefits

• Fully remote work.
• Eligibility for employee equity plan (stock options).
• Reimbursement for home office expenses and professional development up to $1.5k.
• Generous time off: 21 days PTO (birthday included), 8 holidays of your choice, 2 paid volunteer days.
• Wellness program with fitness and mindfulness classes.