Summary

What you'll do

1. Oversee Privacy and Compliance Frameworks:
2. Oversee GDPR compliance practices and drive certification efforts with TrustArc/eTrust, a leading privacy compliance governance certifier. 
3. Design and execute privacy and security programs and risk registers aligned with regulatory frameworks (e.g., SOC2, GDPR, ISO 27001).
4. Lead security and privacy program initiatives collaboratively across teams.
5. Act as a point of contact for privacy-related inquiries and audits.

1. Manage Security Protocols:
2. Develop and implement security protocols to ensure data integrity and protection.
3. Conduct system security audits and drive penetration testing.
4. Define access control measures, encryption standards, and secure data transfer protocols.

1. Technical Leadership:
2. Lead vulnerability assessments and remediation strategies.
3. Collaborate with engineering teams to integrate privacy-by-design and security-by-design principles.

1. Develop Training Programs:
2. Establish company-wide privacy and security training initiatives.
3. Stay current with evolving regulations and security threats, adapting strategies accordingly.

What we’re looking for

1. Bachelor’s or Master’s degree. 
2. 4-8 years of experience driving security/privacy engineering, business practices, and programs in a fintech SaaS or HRIS/payroll platform.
3. Proven track record managing GDPR, SOC2, or ISO 27001 implementations.
4. Strong understanding of encryption, authentication, and network security.
5. Familiarity with compliance management platforms like TrustArc or Drata.
6. Excellent written and verbal communication skills with the ability to simplify complex ideas for diverse audiences.

Certificates preferred

1. Certified Information Systems Security Professional (CISSP).
2. Certified Information Privacy Professional (CIPP/E, CIPP/US)ISO 27001.
3. Lead Implementer certification.

Skills

• Communications Skills
• Legal Consulting
• Team Collaboration