Compliance Manager, Customer Trust & Third Party Risk

Figma

Location:
United States, San Francisco

Contract Type:
Not provided

Salary:

149000.00 - 288000.00 USD / Year

Job Description:

The Compliance Manager will be responsible for leading third-party vendor reviews and advancing customer trust initiatives. The role is divided equally between performing vendor assessments and collaborating with internal stakeholders to ensure clear communication of our security posture and timely resolution of customer security and compliance inquiries.

Job Responsibility:

  • Conduct and maintain third-party vendor security assessments, monitor ongoing vendor risk, and track remediation efforts to ensure alignment with internal policies and standards
  • Partner with Procurement, Legal, Contracts, and Security teams to embed appropriate risk and compliance controls into vendor agreements and support negotiations or escalations
  • Develop and maintain reporting and metrics that provide leadership visibility into vendor and third-party risk posture
  • Coordinate timely, accurate responses to customer security questionnaires, audits, and other trust-related inquiries by collaborating with IT, Legal, Security, Sales, and Customer Success
  • Prepare, present, and maintain security documentation and reports that demonstrate the organization’s security and compliance commitments
  • Manage customer audits and risk assessments, proactively identifying and addressing customer-raised risks or concerns
  • Create, centralize, and scale security assurance content and evidence, continuously improving processes to enhance customer trust and support sales acceleration

Requirements:

  • Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST, SOC 2)
  • Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical audiences
  • Experience in responding to security questionnaires and managing customer audits
  • Strong organizational and project management skills
  • Ability to build and maintain strong customer relationships

Nice to have:

  • Experience with audit tools, GRC platforms, and automation technologies
  • Ability to work efficiently and independently in a fast-paced, high-volume environment
  • CISA, CRISC, and CISSP

What we offer:

  • equity
  • health, dental & vision
  • retirement with company contribution
  • parental leave & reproductive or family planning support
  • mental health & wellness benefits
  • generous PTO
  • company recharge days
  • a learning & development stipend
  • a work from home stipend
  • cell phone reimbursement
  • sales incentive pay for most sales roles
  • an annual bonus plan for eligible non-sales roles

Additional Information:

Job Posted:
January 05, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Compliance Manager, Customer Trust & Third Party Risk

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location:
France, Paris
Salary:
Not provided
Ledger
Expiration Date:
Until further notice
Requirements:
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility:
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer:
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location:
France, Paris
Salary:
Not provided
Ledger
Expiration Date:
Until further notice
Requirements:
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility:
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer:
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location:
United States, Remote
Salary:
Not provided
insightsoftware
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNow, MetricStream)
Job Responsibility:
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers), and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls

Ethics & Compliance Manager

The Manager, Ethics & Compliance provides leadership and support for all element...
Location:
United States, Alpharetta
Salary:
104000.00 - 121000.00 USD / Year
Avanos
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree or its non-U.S. equivalent – required
  • 4+ years of experience at a medical device, pharmaceutical, or other healthcare organization implementing a compliance program or other complementary job experience (such as roles within Internal Audit, Finance or Legal functions)
  • Expertise in Marketing or other fields will be considered upon demonstration of skill sets needed to perform the job duties
  • Experience in Healthcare industry – Device, Pharma, or Biotech is preferable
  • English language fluency required
  • Valued Advisor to business leaders with experience finding solutions to complex ethical issues
  • Excellent research, writing, and communication skills, and excellent ability to analyze complex matters and present them simply and clearly
  • Excellent organizational and time management skills with the ability to prioritize and manage a heavy and multi-directional workload
  • Demonstrates Integrity and commitment to the highest ethical standards and personal values
  • Ability to work independently and as part of a team (cooperative, encourages collaboration, builds consensus, easily gains the trust and support of superiors and peers, and finds common ground and solves problems)
Job Responsibility:
  • Oversight: Supports the implementation of the Global Compliance Program under the direction of the Chief Ethics & Compliance Officer
  • Advice and Guidance: Provides day-to-day advice and guidance to relevant business teams on Ethics & Compliance matters
  • Risk Assessment Activities: Supports the annual Risk Assessment and reviews activity-specific plans by the business teams
  • Written Standards: Provides support on the drafting, implementation and communication of Compliance-related policies and procedures
  • Program Management: Implements actions as specified in the annual work plan and KPIs
  • Training and Communications: Supports the implementation of the annual training and education plans
  • Monitoring and Auditing: Supports the Audit, Monitoring and Investigations teams in activities as required
  • Third Party Management: Supports Third Party Seller and Non-seller Third Party (NSTP) compliance management and initiatives
  • Investigations: Conducts and/or assists in investigations to the extent requested
  • Corrective Actions: Implements and tracks appropriate and consistent corrective actions for identified compliance issues and assessment activities
What we offer:
  • incentive compensation program
  • benefits on day 1
  • free onsite gym
  • onsite cafeteria
  • generous 401(k) employer match of 100% of each pretax dollar you contribute on the first 4% and 50% of the next 2% of pay contributed with immediate vesting
  • uncapped sales commissions
  • Fulltime

Customer Trust & Security Compliance Program Manager

We're looking for a Customer Trust & Security Compliance Program Manager to own ...
Location:
United States
Salary:
135000.00 - 150000.00 USD / Year
Vanilla Technologies
Expiration Date:
Until further notice
Requirements:
  • Minimum of 5 years in a technical and/or security role with customer facing experience
  • Minimum of 3 years experience in program management, customer trust, or DDQ/RFP management within the tech industry with highly regulated customers
  • Proven track record in driving security processes and operational plans
  • Requires strong attention to detail, organizational skills, good judgement, and the ability to prioritize tasks, manage timelines, and meet tight deadlines
  • Strong contract review and negotiation skills related to security and compliance
  • Knowledge of security risks, vulnerabilities, and threat management
  • Background in supporting customer audits and engagements
Job Responsibility:
  • Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process
  • Track and manage high volume of DDQ and RFP requests
  • Coordinate and collaborate with internal teams to meet tight deadlines
  • Handle a high volume of requests and interactions in a fast-paced environment
  • Support enterprise sales with technical customer security discussions
  • Lead SOC 2 Type II audit preparation, evidence collection, and remediation
  • Conduct third party vendor security assessments, collaborate on third party risk management processes
  • Implement and manage third party tool and new processes to create efficiencies
  • Develop the security narrative and conduct security reviews for new product functionality to enable GTM
  • Review and negotiate security and compliance language in customer contracts in collaboration with Legal team
What we offer:
  • Flexible paid time off policy and 10 company-wide paid holidays
  • Parental leave, 4 weeks for all full-time employees and up to 12 weeks for birthing parents
  • Medical, dental, and vision benefits coverage for employees and their families
  • 401K eligibility after one month of employment
  • Free estate planning documents
  • Budget for learning & development and home office setup
  • Paid parking or transit for hybrid and in office employees
  • Fulltime

Director of Governance, Risk, Compliance and Trust

Everlaw is seeking a pragmatic and execution-oriented Director of GRCT to lead o...
Location:
United States, Oakland
Salary:
230000.00 - 312000.00 USD / Year
Everlaw
Expiration Date:
Until further notice
Requirements:
  • 10+ years of experience in Information Security, Risk, or Compliance
  • Senior ownership of FedRAMP Moderate/High programs from authorization through steady-state operations
  • Hands-on experience implementing modern GRC automation platforms
  • Experience driving a shift from manual compliance processes toward Continuous Control Monitoring
  • Strong risk judgment, evaluating control gaps, exception requests, and architectural trade-offs pragmatically
  • Technical literacy to lead Security Impact Analyses (SIA) and embed compliance into DevOps and CI/CD workflows
  • Experience supporting customer assurance and GTM efforts—from complex security questionnaires to executive-level conversations
  • Operational and people leadership skills, skilled at establishing operating rhythms, defining meaningful program metrics, driving predictable execution, and coaching high-ownership teams
  • Clear and credible communicator, able to distill complex technical and regulatory topics
  • Bachelor’s degree in Information Security, Computer Science, Engineering, Information Systems, or a related field (or equivalent practical experience)
Job Responsibility:
  • Public Sector Compliance Ownership: Own Everlaw’s public sector compliance posture, including FedRAMP and GovRAMP authorization and ongoing maintenance
  • Regulatory & Contractual Requirements: Ensure compliance with specialized regulatory and contractual requirements (e.g., CJIS, FTI)
  • Global & Industry Certifications: Accountable for global and industry certifications, including SOC 2, ISO 27001/27017/27018, UK CE+, GDPR, and HIPAA
  • Audit Readiness & Execution: Ensure sustained audit readiness through clear control ownership, effective evidence management, and scalable compliance processes
  • Strategic Certifications & Market Access: Own the go/no-go framework for pursuing new certifications or regulatory authorizations (e.g., ISO 42001)
  • Regulatory Awareness: Continuously monitor emerging regulatory and industry requirements and advise leadership on impact, readiness, and timing
  • Security Risk Identification & Management: Oversee the identification, assessment, and tracking of information security risks
  • Security Impact Analysis (SIA): Partner with Security Engineering to lead the SIA process for major system, infrastructure, and product changes
  • Third-Party Security Risk: Oversee the vendor security risk lifecycle, from onboarding through ongoing monitoring and renewal
  • Pragmatic Governance & Decision Support: Maintain security policies, standards, and exception processes
What we offer:
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Uptown Oakland, just steps from the BART line and dozens of restaurants and walking distance to Lake Merritt
  • Fulltime

Associate Director, Investigations

The Associate Director, Investigations provides senior leadership and advanced s...
Location:
United States, Alpharetta
Salary:
154000.00 - 180000.00 USD / Year
Avanos
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree or its non-U.S. equivalent – required
  • Advanced degree, including MBA, JD, or equivalent - required
  • 7+ years of experience at a medical device, pharmaceutical, or other healthcare organization implementing a compliance program or other complementary job experience (such as roles within Internal Audit, Finance or Legal functions)
  • Expertise in Marketing or other fields will be considered upon demonstration of skill sets needed to perform the job duties
  • Experience in Healthcare industry – Device, Pharma, or Biotech is preferable
  • English language fluency required
  • Valued Advisor to business leaders with experience finding solutions to complex ethical issues
  • Excellent research, writing, and communication skills, and excellent ability to analyze complex matters and present them simply and clearly
  • Excellent organizational and time management skills with the ability to prioritize and manage a heavy and multi-directional workload
  • Demonstrates Integrity and commitment to the highest ethical standards and personal values
Job Responsibility:
  • Oversight: Supports the implementation of the Global Compliance Program under the direction of the Chief Ethics & Compliance Officer
  • Risk Assessment Activities: Supports the annual Risk Assessment and reviews activity-specific plans by the business teams
  • Third Party Management: Leads the Third Party Seller and Non-seller Third Party (NSTP) compliance management and initiatives
  • Investigations: Leads the investigations into Ethics & Compliance related issues, allegations, or identified areas of risk
  • Helpline: Owns the helpline vendor relationship and manages the system, data flows and communications with internal and external stakeholders
  • Corrective Actions: Implements and tracks appropriate and consistent corrective actions for identified compliance issues and assessment activities
  • Written Standards: Provides support on the drafting, implementation and communication of Compliance-related policies and procedures
  • Program Management: Implements actions as specified in the annual work plan and KPIs
  • Training and Communications: Supports the implementation of the annual training and education plans
  • Monitoring and Auditing: Supports the Audit, Monitoring and Investigations teams in activities as required
What we offer:
  • benefits on day 1
  • free onsite gym
  • onsite cafeteria
  • HQ region voted 'best place to live' by USA Today
  • uncapped sales commissions
  • generous 401(k) employer match of 100% of each pretax dollar you contribute on the first 4% and 50% of the next 2% of pay contributed with immediate vesting
  • attractive incentive compensation program
  • Fulltime

Head of Financial Crime

Responsible for oversight of the 2nd line financial crime team and maintaining a...
Location:
United Kingdom, London
Salary:
Not provided
Social Value Portal Ltd
Expiration Date:
Until further notice
Requirements:
  • Proven financial crime expertise, preferably with a strong understanding of the Lloyd’s market and framework
  • Regulator relations experience in an insurance-related and/or financial services company/organisation
  • Expert knowledge of financial crime regulation, policies and procedures, particularly UK/EU/UN/OFAC Sanctions regimes, the Economic Crime and Corporate Transparency Act (ECCTA), the UK Proceeds of Crime Act Section 7, FCA SYSC Handbook 6.3, FCA Financial Crime Guide Parts 1 & 2, UK Bribery Act, UK Fraud Act, JMLSG Guidance, and Suspicious Activity Reporting
  • Degree level educated and/or relevant professional qualification and experience
  • Ability to build strong partnering relationships with a wide range of stakeholders
  • Ability to interact professionally and with credibility and manage expectations of senior management and key stakeholders
  • Proven management experience, with experience of leading / managing strategic change
  • Experience of dealing with financial crime regulatory agencies, including OFAC, OFSI & EU, in relation to sanctions issues
  • Experience of working in a global and fast paced business environment is essential
Job Responsibility:
  • Line management of the financial crime team to include regular team meetings, 1:1s, action setting and tracking, performance assessment and associated responsibilities
  • Member of appropriate governance forums/committees as required
  • Management of any relevant external advisors as required
  • Manage and maintain an effective Financial Crime function supporting and protecting the group against the six pillars of financial crime risk (Bribery & Corruption, Fraud, Market Abuse, Money Laundering, Sanctions Evasion and Tax Evasion) and related reputational risk ensuring that the needs of all stakeholders are met
  • Ensure the resourcing model, quantity and quality of resources enable the Financial Crime Function to meet the group’s needs
  • Develop and maintain Beazley’s financial crime policy in line with legislative and regulatory obligations, ensuring the policy remains up to date
  • Produce regular financial crime reports and present to appropriate Boards and Committees when required
  • Act in an advisory capacity to support business heads and management focus on the financial crime risk in individual business areas
  • Assist senior management in development and maintaining an effective financial crime compliance culture
  • Ensure that the firm’s risk management policies, risk assessment profile and their application are adequately documented and approved by Beazley’s Executive Committee and Board of Directors