Side Hustles

Side Hustles For All

Salary Unstated

Compliance, Risk & Governance Manager

Apply Now
Full-time Remote 45d ago

Location:

US

Company:

Kodex is revolutionizing how companies handle third-party data requests, ensuring compliance and security for handling sensitive data.

Summary:

The Compliance, Risk & Governance Manager will oversee compliance and IT governance at Kodex, ensuring adherence to legal and regulatory standards. Applicants should have extensive experience in compliance management and cybersecurity frameworks.

Requirements:

Experience: 5+ years of experience in compliance, risk management, or IT governance, ideally within a SaaS, security, or privacy-focused environment., Deep knowledge of regulatory frameworks such as GDPR, CCPA, ISO 27001, SOC 2, and experience supporting audits and due diligence processes., Experience completing vendor security assessments with engineering-focused questions and infrastructure-level questions, Hands-on experience managing IT systems, employee device provisioning, and endpoint security tools (e.g. MDM, SSO, endpoint protection)., Strong understanding of operational risk and compliance in a B2B tech context.

Job Description:

Kodex is looking for a Compliance, Risk & IT Manager to join our team and take ownership of the systems, safeguards, and standards that protect our company and customers. In this role, you’ll be responsible for ensuring that Kodex meets its legal, regulatory, and contractual obligations — especially around how we manage law enforcement requests and sensitive data. You’ll also be responsible for the secure management of our internal IT infrastructure, ensuring that our devices, systems, and access controls are company-managed, compliant, and resilient.

This is a cross-functional role that blends compliance leadership, risk oversight, and hands-on IT operations. You’ll work closely with legal, product, and security teams to guide our compliance strategy, support audits and vendor assessments, and maintain clear internal policies.

This is a mission-critical role: Kodex operates at the intersection of technology, privacy, and public interest. Your work will help uphold our commitments to transparency, security, and accountability — values that are core to our product and our brand.

Responsibilities:

  • Manage Compliance: Lead audits for SOC2, PCI and HIPAA (we use Vanta). Ensuring compliance with certification requirements and managing improvements post-audit.

    • Ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations

    • Work closely with the EU Compliance Officer and Data Protection Officer

  • Vendor Security Questionnaires: Respond to security questionnaires and inquiries effectively in collaboration with Sales, Security and Engineering

  • Manage IT Hardware & Systems: Manage the provisioning, security, and lifecycle of company laptops to ensure all devices are compliant, tracked, and securely maintained.

  • Risk Assessments & Programs: Conduct risk assessments and mitigate data security and compliance risks. Assist in the Development of the Risk programs centered on Vulnerabilities, Enterprise, Vendors, and other areas to proactively address potential threats

  • Represent Kodex: Represent Kodex as the primary point of contact for all compliance-related matters with clients, partners, and regulatory bodies.

  • Ensure employees are trained and educated on compliance and security best practices to maintain a strong security culture within the organization. Lead the development and enforcement of internal compliance policies, frameworks, and best practices aligned with industry standards.

  • Stay updated on cybersecurity trends and threats to ensure effective training and awareness programs for employees

  • Monitor and respond to evolving regulatory landscapes affecting law enforcement data requests, data privacy, and cross-border data governance.

What you bring:

  • 5+ years of experience in compliance, risk management, or IT governance, ideally within a SaaS, security, or privacy-focused environment.

  • Deep knowledge of regulatory frameworks such as GDPR, CCPA, ISO 27001, SOC 2, and experience supporting audits and due diligence processes.

  • Experience completing vendor security assessments with engineering-focused questions and infrastructure-level questions

  • Hands-on experience managing IT systems, employee device provisioning, and endpoint security tools (e.g. MDM, SSO, endpoint protection).

  • Strong understanding of operational risk and compliance in a B2B tech context, or a banking, fintech or credit context

  • Ability to design and implement scalable internal controls, policies, and procedures with clarity and simplicity.

  • Excellent communication and collaboration skills; comfortable working across legal, engineering, and customer-facing teams.

  • A thoughtful, pragmatic approach to balancing risk mitigation with operational efficiency.

  • Ideal/optional - Used Vanta previously for compliance management

What you get:

  • A fast-paced and collaborative environment

  • Remote-first company

For Full Time positions only: 

  • Competitive compensation and equity options

  • Flexible PTO, public holidays

  • Comprehensive health, dental and vision plans