TRM Labs is a provider of blockchain analytics and AI solutions aimed at helping various sectors detect and investigate financial crimes. The Senior Compliance Engineer will be responsible for managing compliance initiatives, developing scalable processes, and ensuring regulatory certifications are maintained.
Responsibilities:
- Develop scalable and sustainable processes and tools for normalizing controls, collecting audit evidence, monitoring controls, and conducting gap analyses
- Manage TRM’s existing security compliance and certification lifecycle (e.g., SOC 2 Type II, ISO 27001/27701, FedRAMP, CMMC) while planning for and prioritizing future compliance needs
- Operationalize the GRC program to maintain our regulatory certifications
- Manage customer due diligence requests including developing and maintaining security collateral for customers (e.g., SIG, CAIQ)
- Conduct enterprise risk assessments and manage the risk registry
- Develop a vendor risk management program
- Identify areas for improvement based on input from customers, the go-to-market teams, and overall business objectives. Anticipate customer needs with respect to compliance and due diligence
Requirements:
- Experience with Python or other programming and scripting languages is required
- Strong understanding of public sector security compliance standards, including NIST 800-53, SOC 2, CMMC, ISO, Cyber Essentials UK, and other common compliance frameworks
- Experience leading a cloud-first SaaS company through audit processes
- Strong focus on normalizing controls across frameworks and standards, with an eye toward improving maturity, scalability, and consistency over time, while looking beyond just 'checking the box'
- Privacy and GDPR experience is a plus
- Security certifications (e.g., CISSP, CISM) are a plus