Talent.com
Head of Risk and Compliance

Anonyome Labs, Inc. • South Jordan, UT, US

Job Description

Anonyome Labs is creating a world in which people have exclusive control over their personal data. We're changing the identity, privacy and cyber safety paradigm and resolving the greatest challenges consumers and enterprises face.

Through the Sudo Platform products, we provide businesses with identity and privacy toolkits. We demonstrate these toolkits through our MySudo consumer reference applications empowering everyday users to decide when, where and with whom they share their personal information, and we help enterprises rapidly develop and deploy branded identity, privacy and cyber safety solutions for their customers.

In developing the Sudo decentralized digital identity at the heart of our products, we wanted to do something that hasn't been done before because that's what the global fight for data privacy will demand from us all: out-of-the-box thinking and privacy by design.

If you want to join us at the leading edge of data privacy, apply to join our team now. There's never been a better time.

This is a fantastic opportunity to work at a well-established global start-up, working with global leaders in the security and privacy space.

Role

The Head of Risk and Compliance ensures Anonyome Labs remains compliant with business-critical external compliance objectives and leads the business risk management program.

Responsibilities

Data Protection and Privacy

Our customer trust hinges on the responsible handling of sensitive information, including regulated personal data. The Head of Risk and Compliance ensures compliance with data protection laws such as the EU GDPR and U.S. state privacy laws, including the California Consumer Privacy Act, while implementing best practices for consumer privacy. Responsibilities include :

  • Establishing robust controls for data storage, transfer, and disposal
  • Coordinating regular audits to ensure compliance with relevant data protection regulations
  • Monitoring access to sensitive customer and corporate data

Risk and Compliance Leadership

From external compliance objectives to third-party vendor agreements, this role ensures compliance while minimizing risk. Specific duties include :

  • Driving our programs for SOC 2 certification, PCI DSS compliance, EU-U.S. Data Privacy Framework self-certification and others as determined by business need.
  • Owning and maintaining disaster recovery and business continuity plans

Collaboration with Other Departments

The Head of Risk and Compliance must work closely with other C-suite executives and their teams to ensure an understanding of risk management and compliance is present :

  • Partnering with the Head of Engineering and Head of Product to integrate compliance measures into systems design, implementation and operation
  • Working alongside People team to ensure compliant handling of employee and candidate data
  • Coordinating with internal SMEs and external legal counsel to align policies and operations with compliance regulations

Keeping Up with Changing Regulations and Compliance Obligations

The regulatory environment and supply chain of service providers in which Anonyome Labs operates is never static. Compliance today does not imply compliance in the future :

  • Monitor changes in the regulatory environments critical to our products, including telecommunications, payments and fintech, consumer privacy, and data protection laws
  • Identify product or internal improvements to reduce the risk of becoming non-compliant

Reporting to Stakeholders

Providing regular updates about the company's risk posture and compliance status is an essential duty. They must :

  • Offer actionable insights to reduce risks while aligning compliance with the company's long-term goals
  • Advocate for necessary budget approvals to invest in risk management and compliance initiatives

Core Skills and Competencies

Leadership and Strategic Planning

Risk Management Strategy Design

  • Ability to develop and implement a comprehensive risk management strategy that addresses current and emerging risks across business units.

Business Alignment

  • Skills to align initiatives with overall business goals and objectives, ensuring risk management measures contribute to organizational success.

Risk Management and Compliance

Regulatory Compliance

  • Familiarity with data protection laws such as EU GDPR and the California Consumer Privacy Act, and with industry certification frameworks such as SOC 2, PCI DSS, and the EU-U.S. Data Privacy Framework.

Risk Assessment

  • Ability to conduct risk assessments of internal systems and third-party vendors to identify and mitigate vulnerabilities.

Disaster Recovery Planning

  • Competence in creating robust disaster recovery and business continuity plans.

Data Protection

Sensitive Data Handling

  • Design strict controls for data storage, access, transfer, and disposal to ensure the integrity of sensitive customer and corporate information.

Privacy Best Practices

  • Advocate for user privacy by adopting and enforcing best practices for data protection.

Incident Response

Crisis Management

  • Experience leading incident response efforts to evaluate breaches, assess damage, and communicate with stakeholders like customers and regulatory bodies

Post-Incident Analysis

  • Ability to supervise reviews after cybersecurity incidents and ensure lessons are applied to future defenses

Communication and Reporting

Stakeholder Engagement

  • Strong communication skills to prepare and deliver detailed reports to stakeholders

Budget Advocacy

  • Ability to secure budget approval for critical risk and compliance initiatives

Employee Training and Awareness

Training Development

  • Develop and conduct employee training sessions on risk management and compliance topics such as payments compliance.

Fostering a Data Protection Culture

  • Own the culture of shared responsibility for risk management across all departments

Collaborative Skills

Cross-Department Coordination

  • Proficient in collaborating with Information Systems, Product, Engineering and Finance departments to ensure regulatory and external compliance where required
  • Supporting Sales by reviewing contracts and agreements for compliance requirements and devising how they can be achieved

Stakeholder Partnerships

  • Partner with C-suite executives to embed risk management and data protection policies into every aspect of the organization.

Personal Attributes

Analytical Thinking

  • Sharp analytical skills to assess risks and the effectiveness of risk management measures.

Decision-Making

  • The ability to make sound, quick decisions.

Adaptability

  • Resilience and adaptability in navigating the dynamic nature of the digital threat landscape.

Finally, we expect you to score extremely high on our "Stuff That Matters" :

  • Enhancing Privacy: Privacy is at Our Core
  • Growing as One Team: Work Inclusively, Embrace Diversity, Succeed Together
  • Sharing Insights: Information empowers our decision making
  • Taking Ownership: Own it, enjoy it, learn from it
  • Feeding Curiosity: Always learning

We offer health, dental, vision & life insurance plans, unlimited PTO, cool office space, equity, catered lunches, and an exciting and innovative atmosphere. If you're interested in changing the world, we'd love to talk to you.
