Compliance Manager

TeamSnap
Summary
Join TeamSnap as a Compliance Manager and lead our security and compliance program. You will manage policy creation, coordinate cross-functional ownership, and ensure compliance with SOC 2 Type 2 and other frameworks. Responsibilities include program governance, stakeholder alignment, audit and certification ownership, control operation and monitoring, risk management, and employee training. Success is measured by audit readiness, completed control activities, and clear compliance visibility to leadership. The ideal candidate has 5+ years of experience in information-security compliance, preferably in a SaaS environment, and demonstrated ownership of a full SOC 2 Type 2 audit cycle. TeamSnap offers a fully remote work environment with competitive compensation and a comprehensive benefits package.
Requirements
- 5+ years in information-security compliance, ideally within a SaaS environment
- Demonstrated ownership of at least one full SOC 2 Type 2 audit cycle
- Strong project-management skills: ability to run parallel work-streams, influence without authority, and meet tight deadlines
- Working knowledge of common control frameworks (SOC 2, ISO 27001, NIST CSF, etc.)
- Familiarity with security tooling for evidence collection (e.g., Vanta) and ticketing systems (Jira)
- Excellent written and verbal communication; adept at translating control requirements for technical and non-technical audiences
Responsibilities
- Draft, publish, and maintain information-security and privacy policies, standards, and procedures
- Establish a living compliance calendar covering control tests, access reviews, vendor assessments, and policy refresh cycles
- Facilitate working sessions so Engineering, IT, PeopleOps, and Legal understand their accountability for controls such as vulnerability management, change management, and incident response
- Track and report control ownership status; escalate gaps or overdue actions
- Lead annual SOC 2 Type 2 audits end-to-end: scoping, readiness assessments, evidence collection, auditor coordination, and remediation follow-up
- Maintain audit work-papers and a centralized evidence repository
- Execute and document periodic controls: quarterly user access reviews, privileged-access attestations, vendor risk assessments, business continuity tests, and vulnerability-remediation SLAs
- Automate evidence capture wherever feasible through tooling integrations (e.g., Vanta, Jira, Slack)
- Conduct security risk assessments for new products and vendors; track mitigation plans to closure
- Monitor regulatory and industry changes; update policies and training content accordingly
- Generate KPIs and board-level metrics on compliance health, audit findings, and risk trends
- Develop and deliver role-based security and privacy training; ensure coverage and completion tracking
- Promote a culture of accountability through regular communications, lunch-and-learns, and compliance office hours
Preferred Qualifications
- CISSP, CISA, CISM, or similar certification
- Experience building RACI matrices and running cross-functional governance forums
- Background in vulnerability management processes or secure SDLC
Benefits
- We're proud to be remote-first. We've been remote since 2009, long before COVID made it cool
- Unlimited PTO and paid parental leave for ALL parents (not just primary or secondary)
- 100% premium coverage of medical/dental/vision for you and your family
- 401K to help you invest for the future
- $1,500 annual learning and development stipend
- Travel to fun locations for all-company meetings and team events
- Generous home office allowance to set you up for success
- TeamSnap SWAG to our store upon starting and a $50 credit on every work anniversary thereafter
- A monthly stipend reimbursement for health & wellness and so much more!
