Spring Labs is redefining how data is exchanged for the new age of data sharing, security, and consumer privacy through decentralization. Our Spring Protocol Tech Stack, which includes the use of Blockchain and Cryptography, allows institutions to share information among themselves to verify identities and reduce fraud - all while protecting consumer data.
There are a few things we look for at Spring Labs in all qualified candidates, regardless of role or team. First, we look for signals that a candidate will thrive in a culture like ours, where we act like owners, empower and trust others, place ideas over hierarchy, and expect a high level of collaboration and performance. Second, we expect all employees to commit to our mission and become active culture carriers. Finally, we look for humble people, with the desire and capacity to grow and share their expertise.
The Sr. Compliance Manager is responsible for managing Spring Labs’ Compliance Program under the direction of the General Counsel. This includes analyzing any applicable regulatory, security, or operational requirements, and maintaining Standards, Policies and Procedures to ensure adherence to these requirements. This individual contributor is the primary point of contact for Spring Labs’ customers, partners, investors, auditors and third-party vendors for responding to due diligence requests, initiating review processes and audits, and will be responsible for ensuring that all phases of these processes are completed on time.
This person will work under the supervision of the Legal Counsel / Chief Information Security Officer to assist in maintaining and running the Compliance Program. The ideal candidate is a self-starter, who is agile, has a proven ability to learn on the job, and is interested in technology, laws, and regulations related to security, privacy, compliance, and risk management.
What You’ll Do
Manage existing compliance program and stay on top of relevant compliance frameworks
Coordinate external reviews and/or assessments from regulators, audit firms, and client due diligence requests
Manage compliance testing of existing compliance program and monitor current and future regulatory obligations
Conduct internal security risk assessments under the guidance of the CISO
Work with external auditors on SOC 2, PCI DSS, and other identified compliance frameworks in conjunction with legal and tech teams
Ensure compliance with regulations and implement changes where necessary in collaboration with the Legal team
Conduct KYBs periodically on traditional and Web 3.0 companies
Review and process escalated KYCs periodically
Maintain the Risk Management Program
Develop, review, and modify security and privacy policies
Keep up with relevant regulation, emerging threats, forecasts, policies and best practices, and maintain a mindset of constant innovation to consider possibilities in advancing the risk management framework.
What You'll Need
7+ years of related work experience building and/or operating compliance programs to mitigate risk, while ensuring confidentiality, integrity, and privacy.
Prior experience in preparing due diligence responses for regulated enterprises, Risk, Compliance or relevant Audit / Assessments functions
Strong understanding of the security controls in common compliance and governance frameworks, and of how those controls are implemented technically at a fast-growing, fast-paced technology company
Experience in project or program management
Ability to collaborate across interdisciplinary teams to achieve tactical and strategic goals; an innovative teammate, problem solver, and consultant.
Ability to evangelize IT security and compliance to make it a critical part of business operations
Must possess strong presentation skills and communicate professionally in response to emails, customer responses, auditors, and internal teams
Ability to effectively prioritize and execute tasks in high-pressure situations
Bonus Points
Big-4/Consulting experience in an audit or assessor function is a plus
Relevant professional certifications such as CISA, CISM, CRISC, CGEIT, CSX-P, CISSP, CCSK
Strong knowledge of compliance frameworks such as SOC 2, GDPR, PCI DSS, NIST Cyber Security Framework (CSF) / 800-53
Perks
Casual Work Environment
Fully Stocked Kitchen
Free Gym On-site
Weekly Office Events
Flexible PTO
Paid Sick Leave
Comprehensive Medical/Dental/Vision
FSA & DCSA
401(k)
Perks Discount Program
Spring Labs is committed to diversity, inclusion, and equality in its workforce and is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation, or any other basis protected by applicable law. Additionally, Spring Labs participates in the E-Verify program, as required by law.
Spring Labs is also committed to providing reasonable accommodations to individuals with disabilities. If you need reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to recruiting@springlabs.com and let us know the nature of your request and your contact information.