About the Team: 

Sift is looking for an experienced Sr Compliance Manager to join our small, but mighty Legal & Compliance team. You will report to our Director of Security & Compliance, and work closely with our Security team to accomplish our company’s security-related and data protection compliance objectives. We’re a team that aims to execute quickly, but thoughtfully, always balancing risk with business objectives. 

What We’re Looking For: 

We’re looking for a self-starter, who will drive our compliance efforts and risk management programs. This includes being our policy go-to -- researching, developing, writing and updating security and related policies that align with various compliance and security objectives, such as SOC II Type 2, ISO 27001 and PCI-DSS (or other initiatives you advise the company to take on). You’ll keep up-to-date on upcoming compliance changes that may impact Sift and be a (pragmatic) advocate for changes that align with the company’s goals. 

What you’ll do:

• Lead and drive our compliance efforts, building and cultivating positive working relationships across departments and advising on compliance roadmap. 
• Lead and further develop our risk management program, including working with other departments, such as Security, Engineering, IT, Legal, HR, in annual compliance audits and preparing assessment and audit documentation for regular reviews.
• Regularly conduct internal audits to track adherence and perform gap assessments to track compliance readiness.
• Develop, update and maintain security policies, procedures and methodologies.
• Assist with completing security questionnaires from customers and answering customer questions with respect to compliance; work with the marketing team to create customer collateral to educate internal staff and aid in the sales process.
• Work closely with our Security Engineering and Product teams to ensure our products are validated against compliance standards (e.g., SOC2 Type II).
• Manage vendor security reviews and perform vendor risk assessments. 

• Knowledge of global privacy laws and regulations are a plus. 

What would make you a strong fit:

• Bachelor's degree
• 10+ years in compliance including, writing security policies/procedures and risk assessment 
• Advanced compliance knowledge (SOC II Type 2, ISO 27001 and PCI-DSS); experience in broader data protection is a plus.
• Experienced in organizing, documenting, tracking and executing projects
• Professional certifications in security, privacy risk management, and audit areas are a plus, such as CISSP, CIPP, or CISA. 

A great teammate with a sense of humor! 

A little about us:

Sift is the leading innovator in Digital Trust & Safety.  Hundreds of disruptive, forward-thinking companies like Airbnb, Zillow, and Twitter trust Sift to deliver outstanding customer experience while preventing fraud and abuse.

The Sift engine powers Digital Trust & Safety by helping companies stop fraud before it happens. But it’s not just another anti-fraud platform: Sift enables businesses to tailor experiences to each customer according to the risk they pose. That means fraudsters experience friction, but honest users do not. By drawing on insights from our global network of customers, Sift allows businesses to scale, win, and thrive in the digital era.

Benefits and Perks:

• Competitive total compensation package
• 401k plan
• Medical, dental and vision coverage
• Wellness reimbursement
• Education reimbursement
• Flexible time off

Sift is an equal opportunity employer. We make better decisions as a business when we can harness diversity in our experience, data, and background. Sift is working toward building a team that represents the worldwide customers that we serve, inclusive of people from all walks of life who can bring their full selves to work every day.

This document provides transparency around the way in which Sift handles personal data of job applicants: https://sift.com/recruitment-privacy