Regulatory Security Compliance Analyst
About the Role
You will own the compliance program across DORA, SOC 2, SOC 1, GDPR, and PCI, ensuring regulatory and audit requirements are met. You will lead compliance audits and certifications end-to-end, maintain and evolve policies, and ensure operational adherence by partnering with engineering, security, legal, and operations. You will identify gaps and drive remediation plans, build a proactive compliance culture, and assist in refining KYB, KYC, and AML processes and procedures.
Requirements
- 3–7+ years of compliance, GRC, or security assurance experience
- Deep familiarity with SOC 2, SOC 1, GDPR, and PCI, plus proven audit leadership
- Program management skills to coordinate cross-team timelines and workstreams
- Strong attention to detail and ability to translate complex requirements into actionable tasks
- Strong communication and influence skills with engineers, executives, and external auditors
- Nice to have: experience in card issuing, stablecoins, payments, or cross-border fintech products
- Nice to have: familiarity with ISO 27001 or DORA
- Nice to have: experience with Vanta
Responsibilities
- Own the compliance program across DORA, SOC 2, SOC 1, GDPR, and PCI
- Lead compliance audits and certifications end-to-end
- Maintain and evolve compliance policies
- Ensure operational adherence by partnering with engineering, security, legal, and operations
- Build a proactive compliance culture
- Identify gaps and drive remediation plans
- Assist in refining KYB, KYC, and AML processes and procedures
Benefits
- 95% coverage of Medical, Dental, and Vision premiums
- Equity for all team members
- Flexible hybrid setup with a SoHo office for NYC-based teammates
- Unlimited PTO
- Monthly product testing budget
- Monthly wellness stipend
- One-time home office setup stipend
- Frequent company events, team dinners, and offsites
