About the jobAt TRM, we're on a mission to build a safer financial system for billions of people around the globe. Our next-generation platform, which combines threat intelligence with machine learning, enables financial institutions and governments to detect cryptocurrency fraud and financial crime on an unprecedented scale.
The Security team is responsible for and committed to securing all things at TRM. From our customers to our code, and everything in between, the security team is involved in all aspects of the business. We are looking for a Security Compliance Lead to own TRM’s compliance and GRC initiatives that ensure we continue to deliver best-in-class security and trust for our customers.
Your responsibilities will include:
- Develop scalable and sustainable processes and tools for normalized controls, collecting audit evidence, monitoring controls, and conducting gap analyses.
- Manage TRM’s security compliance and certification lifecycle, SOC 2 Type II, while planning for and prioritizing future compliance needs.
- Lead and manage the end-to-end FedRAMP certification process.
- Develop the continuing compliance program to maintain an achieved FedRAMP certification.
- Manage customer due diligence requests including developing and maintaining security collateral for customers (e.g., SIG, CAIQ).
- Conduct enterprise risk assessments and manage the risk registry.
- Develop a vendor risk management program.
- Identify areas for improvement based on input from customers, the go-to-market teams, and overall business objectives. Anticipate customer needs with respect to compliance and due diligence.
- Experience with leading a cloud-first SaaS company through the FedRAMP Moderate certification process.
- Strong understanding of Public Sector compliance security standards including NIST 800-53, SOC2, and common compliance frameworks.
- Strong working knowledge of FedRAMP management, operational and technical security control and supplemental guidance.
- Strong focus on normalizing controls across frameworks and standards, with an eye toward improving maturity, scalability, and consistency over time, while looking beyond just “checking the box”.
- Experience delivering SaaS products to Public Sector customers is a plus.
- Privacy and GDPR experience is a plus.
- Security certifications (e.g., CISSP) are a plus.
TRM Labs is a blockchain intelligence company that helps financial institutions, crypto businesses and government agencies detect and investigate crypto-related financial crime and fraud. Our products are trusted by leading companies including PayPal, Visa, FTX, Uniswap, Anchorage, and federal agencies such as the FBI and Dept. of Treasury. Every day, we tackle challenges in data engineering, data science, and threat intelligence to advance our mission to build a safer financial system for billions of people.
To accomplish our mission, we have raised nearly $80M from JPMorgan Chase, Visa, Citi, PayPal, Block, Tiger Global and Bessemer. Our team is made up of world class experts from the FBI, U.S. Secret Service, US Treasury Department, McKinsey, Coinbase, and top-tier tech companies.
TRM is a remote-first workplace, with hubs in San Francisco, Washington, DC and London. We are looking for people with grit, passion, and humility to join our global team.
- Impact Oriented Trailblazer - We define high-impact targets through customer centricity, prioritization, and adaptability.
- Master Craftsperson - We execute efficiently to achieve goals through good judgment, velocity, and grit.
- Inspiring Colleague - We elevate team performance through integrity, apprenticeship, and positive energy.
- Remote-first work environment, with optional in-person offices
- Regular team off-sites and retreats
- Competitive salaries and stock options
- Premium health, dental, and vision insurance
- FSA, HSA, and 401K programs
- Life & disability coverage
- Paid time for vacations, volunteering, sick leave, and generous parental leave
- Fitness, co-working, and home office reimbursements
- Professional learning and development stipends