Senior Compliance Engineer

Posted:
11/22/2024, 11:02:41 AM

Experience Level(s):
Senior

Field(s):
Software Engineering

Workplace Type:
Hybrid

TRM is on a mission to build a safer financial system for billions of people. We deliver a blockchain intelligence data platform to financial institutions, crypto companies, and governments to fight cryptocurrency fraud and financial crime. We consider our business — and our profit — as a way to move towards our mission sustainably and at scale. 

Team Summary

  • The Security Team is responsible for and committed to securing all things at TRM. From our customers to our code, and everything in between, the security team is involved in all aspects of the business.

Job Summary:

  • We are looking for a Senior Compliance Engineer to own TRM’s compliance and GRC initiatives that ensure we continue to deliver best-in-class security and trust for our customers.

The impact you will have here:

  • Develop scalable and sustainable processes and tools for normalized controls, collecting audit evidence, monitoring controls, and conducting gap analyses.
  • Manage TRM’s existing security compliance and certification lifecycle (e.g., SOC 2 Type II) while planning for and prioritizing future compliance needs.
  • Develop a compliance program to achieve FedRAMP certification.
  • Manage customer due diligence requests including developing and maintaining security collateral for customers (e.g., SIG, CAIQ).
  • Conduct enterprise risk assessments and manage the risk registry.
  • Develop a vendor risk management program.
  • Identify areas for improvement based on input from customers, the go-to-market teams, and overall business objectives. Anticipate customer needs with respect to compliance and due diligence.

What we’re looking for:

  • Develop automation to programmatically implement controls validations and evidence collections. Experience with Python or other programming and scripting languages is required.
  • Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs.
  • Strong understanding of Public Sector compliance security standards including NIST 800-53, SOC 2, CMMC, ISO, CyberEssentials UK, and other common compliance frameworks.
  • Experience with leading a cloud-first SaaS company through the FedRAMP Moderate certification process.
  • Strong focus on normalizing controls across frameworks and standards, with an eye toward improving maturity, scalability, and consistency over time, while looking beyond just “checking the box”.
  • Privacy and GDPR experience is a plus.
  • Security certifications (e.g., CISSP, CISM) are a plus.

 


Life at TRM Labs

Leadership Principles

Our Leadership Principles are foundational element of our strategy, guiding how we make decisions, how we treat each other, and how we behave day-to-day.

  • Impact-Oriented Trailblazer: We put customers first, driving for speed, focus, and adaptability.
  • Master Craftsperson: We prioritize speed, high standards, and distributed ownership.
  • Inspiring Colleague: We value humility, candor, and a one-team mindset.

Build a Career 

Joining TRM means being part of a mission-driven team comprised of industry leaders. At TRM, you'll experience:

  • Purpose and Mission: Have a real-world impact, from disrupting terrorist networks to returning stolen funds.
  • Inspiring Colleagues: Collaborate with industry leaders and learn something new daily.
  • Personal Growth: We're not just using technology; we're inventing it and taking category-defining products to market.

Work Environment

  • Remote First: Our HQ is online. Tools like Zoom and Slack ensure seamless collaboration, but we also value in-person interactions, organizing regular meetups and offsites for team bonding. Clear communication is key in our decentralized setup. With tools like Slack, Loom, and voice notes, we document meetings and decisions, promoting transparency and efficiency.
  • Ownership & TRM Speed: Small teams drive big goals at TRM. Every team member has significant ownership and responsibility, fostering an environment of initiative and direct impact. While there's no strict clocking in or out, we expect team members to balance personal schedules and team needs. We move “surprisingly fast” while maintaining a high bar in service of our customers and mission. This can feel both intense and rewarding. Our unique approach to projects emphasizes quick wins, rapid iterations, and constant feedback.
  • Diversity and Inclusion: Diversity at TRM encompasses backgrounds, experiences, and perspectives. Every day is an opportunity to learn from a colleague, whether they're a law enforcement expert or a tech pioneer.
  • Annual Company Offsite: Once a year, TRMers come together from around the world to attend a 1-week mandatory company offsite. This is designed to foster in-person relationships, creativity, and strategic alignment. Employee attendance is required of all TRMers.  

Join Us

We're looking for team members who love building from the ground up and want to work hard in a fast-paced and ambitious environment. We are remote-first, with exceptionally talented team members located around the world. If you like solving tough problems quickly and seeing your work improve the lives of billions of people, we want you at TRM.

We encourage you to reach out even if your experience doesn't precisely match the job description. Don't worry about picking exactly the right job; we can always explore other options after starting the conversation. Your passion and interests will set you apart, especially if your background or career is unconventional.  

To all recruitment agencies: TRM Labs does not accept unsolicited agency resumes. Please do not forward resumes to TRM Labs employees. TRM Labs is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company.

TRM Labs

Website: https://www.trmlabs.com/

Headquarter Location: San Francisco, California, United States

Employee Count: 101-250

Year Founded: 2018

IPO Status: Private

Last Funding Type: Series B

Industries: Big Data ⋅ Blockchain ⋅ Compliance ⋅ Cryptocurrency