Compliance Lead

Title: Compliance Lead

Komprise is an enterprise SaaS specializing in analytics-driven unstructured data management. Komprise founders started the company to address a gap in innovation for managing massively growing volumes of unstructured data which was creating complexity and stretching IT budgets from the endless need to buy more storage. Komprise Intelligent Data Management is one platform to analyse, move and manage unstructured data. We work with large enterprises across many sectors so they can optimize storage and backup costs, automate AI data workflows, reduce compliance and security risks and gain greater value from file and object data. We are looking for someone who is bright, passionate, wants to work on something new and disruptive and who enjoys a dynamic environment where they can make an impact.  

Job Summary

At Komprise, our premise for success lies in our strong foundations of policies and regulations that comply with the highest of ethos. We’re seeking a seasoned compliance lead to help us uphold our company-wide policies, in the most efficient and effective approach. The compliance lead role requires the candidate to be proficient in the developing and transitional compliance laws globally.

Working as a compliance lead, the candidate in question must take charge of developing and maintaining an information security program and effectively communicating program requirements and responsibilities to employees and stakeholders. The compliance manager job involves high proficiency in some soft skills such as communication, organizational abilities, and strong interpersonal skills, as it involves liaising with different stakeholders, internally and externally.

Key Responsibilities

• Corporate Regulatory Compliance: Ensure compliance with domestic and international regulations, such as GDPR, CCPR, HIPAA, PCI DSS, and other privacy and industry-specific standards.
• Risk Assessment and Mitigation: Monitor and assess projects and business activities for compliance risks, developing plans for potential issues or violations.
• Policy and Program Management: Create, implement, and manage corporate compliance policies, programs, and procedures to align with legal and regulatory requirements.
• Security Evaluation Management: Manage Komprise response to prospect and customer security evaluations, assessments, and questionnaires, and define and implement Komprise processes to achieve relevant security certifications, e.g., SOC 2
• Training and Education: Educate employees and stakeholders about compliance requirements and best practices
• Audit and Monitoring: Conduct internal audits and assessments of processes and procedures to identify areas for improvement and ensure adherence to standards.
• Regulatory Monitoring & Reporting: Track changes in relevant laws and regulations, collecting and analyzing data to inform and improve compliance initiatives. Prepare and submit compliance reports to senior management and regulators.
• Data Protection: Ensure the security and confidentiality, integrity, and availability of sensitive company and customer data, aligning with data protection laws and regulations.
• Stakeholder Communication: Liaise with internal departments (e.g., Engineering, Marketing, Product Management, Legal) and external bodies (regulators, industry associations) on compliance-related issues.
• Documentation and Reporting: Maintain comprehensive records and generate reports to demonstrate compliance efforts.

Essential Skills

• Excellent Organizational Skills: Ability to prioritize tasks and manage multiple projects simultaneously.
• Proficient Communication Skills: Effective communication of compliance requirements and risks to stakeholders.
• Problem-Solving Abilities: Ability to analyze complex regulatory issues and develop solutions.
• Knowledge of Regulatory Requirements: Deep understanding of relevant laws, regulations, and industry best practices, particularly those applicable to software and IT.
• Technical Proficiency: Experience with compliance management software, risk assessment tools, and data analysis platforms is beneficial.
• Educational Background: A Bachelor’s degree in Computer Science, Data Science, Business, or a related field.
• Experience: Minimum 10 years’ experience in software companies, minimum 7 years’ experience in software information security.
• Certification: CISSP certified.

Tools and Technologies

• Compliance Management Software: Familiarity with tools like LogicGate, VComply, or ZenGRC to streamline compliance processes.
• Governance, Risk, and Compliance (GRC) Platforms: Implement GRC platforms to centralize compliance documentation and reporting.
• Regulatory Technology (RegTech) Tools: Leverage RegTech tools to automate monitoring of regulatory changes and ensure compliance.