Remote Compliance Manager

closed
Sweed POS

πŸ“Remote - Worldwide

Job highlights

Summary

The job is for a Compliance Manager in a remote-first cannabis retail tech startup. The successful candidate will ensure regulatory compliance, conduct internal audits, and develop training programs. Requirements include experience in compliance management, IT audit, or related fields, proficiency in English at B2 level, and relevant certifications.

Requirements

  • Experience in compliance management, IT audit, risk management, or a related field
  • Proven experience with SOC 1, SOC 2 certifications or HIPAA, including preparation, auditing, and maintaining compliance
  • In-depth understanding of regulatory requirements, industry standards, and internal policies related to IT compliance
  • Experience conducting risk assessments, internal audits, and preparing audit reports and compliance documentation/policies
  • Ability to understand and implement technical controls and measures to ensure data privacy and security
  • Capability to develop actionable recommendations for addressing compliance issues identified during audits
  • Experience interacting with external regulators, auditors, and other relevant roles
  • Proficiency in English at a minimum level of B2

Responsibilities

  • Create and maintain compliance policies and procedures
  • Ensure compliance with SOC 1, SOC 2, HIPAA; protect sensitive information and ensure data privacy
  • Conduct internal audits to ensure compliance; prepare reports and recommendations for addressing issues
  • Maintain compliance documentation; prepare regular reports for management on compliance status
  • Advise management and employees on compliance issues; support departments in meeting regulatory requirements
  • Maintain contact with regulators and auditors; prepare and submit necessary reports and documentation
  • Track changes in laws and regulations; adapt internal procedures to meet new requirements
  • Identify and evaluate non-compliance risks; develop measures to mitigate these risks
  • Investigate and resolve non-compliance complaints; implement corrective actions based on findings
  • Design and deliver training programs on compliance; keep employees informed about policy changes

Preferred Qualifications

  • Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) are preferred and will be a plus
  • Experience in maintaining GDPR compliance will be a plus

Benefits

  • Medical insurance becomes available after the probation period
  • Equipment reimbursement for essential items such as laptops and additional equipment like monitors
  • 20 working days per year of vacation
  • 3 days of sick leave
This job is filled or no longer available