Remote IT Risk Compliance Manager

Remote IT Risk Compliance Manager: Make a Real Impact from Anywhere Let’s Talk About the Big Picture You know how some teams just want someone to “tick boxes” and call it compliance? Yeah… that’s not us. Here, you’ll shape how we stay secure, smart, and ahead of the game. We’re remote-first, which means you can work from wherever you feel most productive—home office, coffee shop, or somewhere tropical (just don’t rub it in during Zoom calls). As our IT Risk Compliance Manager, you’ll be the steady hand behind the systems that keep our company safe and audit-ready. Your voice will matter. Your ideas will land. And your work? It’ll directly influence how we manage risk in a digital-first world. Wondering What You’ll Actually Do? We get it—job titles can be vague. Let’s break it down: Own Our Risk and Compliance Strategy You won’t just “follow policy”—you’ll write it, shape it, and refine it. You’ll:

• Build and maintain our IT risk management framework (not from scratch—we’ve got the bones, but we want your brain behind it)
• Lead internal audits, control assessments, and remediation efforts
• Keep us aligned with frameworks like NIST, ISO 27001, and SOC 2 (yeah, we’re aiming high)
• Translate regulations into actions—so everyone from engineers to execs actually gets it Be the Glue Between Teams Ever been the go-to person who explains things like GDPR or HIPAA without sounding like a robot? Perfect. You’ll:
• Work closely with IT, Security, Legal, HR, and vendors
• Be part of change management conversations
• Help new hires understand how we do things and why
• Jump into conversations early, not just when something’s gone wrong Keep Us Audit-Ready, Always Let’s be real: audits can be stressful. But when you’re on top of things, they don’t have to be. You’ll:
• Prep for annual SOC 2 and ISO 27001 audits
• Keep documentation clean, clear, and current
• Train teams on compliance best practices
• Manage vendor risk assessments and ensure third-party compliance Real People, Real Moments Actually, here’s a quick story. Last year, our lead DevOps engineer, Chris, nearly got buried under a mountain of access reviews during audit week. It was chaos. Then you came in (well, someone like you), and rolled out a clean, automated process with alerts, logs, and dashboards. Auditors smiled. Chris didn’t cry. Victory. That’s the kind of ripple effect we’re talking about. Let’s Get Into the Nitty-Gritty Alright, here’s what we hope you bring to the table: The Essentials
• 5+ years in IT risk, compliance, or cybersecurity
• Experience with frameworks like SOC 2, ISO 27001, NIST, HIPAA, or PCI-DSS
• Solid understanding of cloud security (AWS, Azure, GCP)
• You’ve built or managed audit/compliance programs before The Human Stuff
• You’re organized but flexible. You like plans, but you also know when to pivot.
• You ask the right questions. It’s not just about asking what went wrong—it’s about digging into why it happened in the first place and “How can we prevent it?”
• You know how to talk to people. From engineers to execs, you tailor the message.
• You care. About security, privacy, clarity, and helping people do their best work. Your Day-to-Day Might Look Like This: No two days are the same, but here’s a vibe check:
• Morning check-in with Security and IT on recent risk events
• Review third-party vendor risk reports
• Update documentation for new processes
• Meet with Legal to align on upcoming privacy laws
• Answer a Slack question from someone who’s confused about MFA requirements
• Review audit prep checklist and delegate tasks
• End the day with a quick 15-minute sync with your remote compliance team The Remote Life, Done Right Working remotely isn’t about disappearing into the void. It’s about flexibility and connection. Here’s how we stay close:
• Weekly team huddles to align and vent (in a good way)
• Virtual “deep dive” sessions for brainstorming big ideas
• Async updates so you’re not stuck in meetings all day
• Slack channels where memes and milestones live side by side Honestly, we like working this way. And we think you will too. Tools You’ll Use (and Love) We don’t expect you to be a wizard with all of these, but you’ll probably touch:
• GRC platforms (like Vanta, Drata, OneTrust, or LogicGate)
• JIRA or similar project tracking tools
• Worklith Workspace or M365
• Slack for daily comms
• Confluence or Notion for documentation What Success Looks Like After 6 Months You’re not just “settling in.”
• The audit process runs smoothly because of the systems you built.
• Team leads know precisely where to go for compliance answers.
• We’re tracking risk proactively, not reactively.
• People trust you. They ask for your input. They send GIFs when your projects go live. Salary and Perks
• Annual salary: $142,000
• Fully remote setup
• Flexible PTO
• Home office stipend
• Professional development support
• Health, dental, and vision (because, obviously) Let’s Wrap It Up This isn’t just a compliance job. It’s a chance to m

Apply tot his job Apply To this Job