Principal Compliance Officer

Remote (CET +/- 2)

TheyDo

TheyDo is a collaborative workspace for Customer Journey Management. Align customer needs with business results and make an impact together. Start for free!

We’re TheyDo, a fully remote B2B SaaS organisation. Founded in 2019, we are the leading journey management platform, on a mission to make the customer journey the most powerful business tool there is.

In March 2024 we announced our latest funding round worth $34 million. Combined with our Series A raise in 2022 it takes our total investment to just under $50 million. Our angel investors include executives from Intercom, Miro, OpenAI, Amplitude, Slack, Airtable and more.

We support and partner with renowned enterprise organizations such as Cisco, Ford, Johnson & Johnson, Home Depot and Polestar, helping them manage their complex journeys and optimize them for efficient growth, removing the need for constant transformation.

We kicked off 2024 with a global team of 65 TheyDoers, representing over 30 nationalities across 20 countries.

This is just the beginning. Join our exciting journey as we scale to over 100 by the end of this year!

What you'll do

The Principal Compliance Officer will play a critical role in integrating InfoSec and compliance within our cross-functional operations.

Working directly with our Head of Ops and collaborating with engineering and sales leadership, this position is responsible for managing a comprehensive roadmap of certification and standardisation projects, aligning them with our business needs, and ensuring that our customer-facing teams are equipped with the necessary tools, resources, and knowledge to effectively communicate our compliance posture to clients.

Responsibilities:

Certification and Audit Management:

Manage roadmap of certification and standardisation projects based on business needs:

  • Lead the certification and audit processes of certifications such as ISO-27001:2022, SOC-2, and GDPR compliance.

  • Manage our ISMS, and the lifecycle and framework for internal policies.

  • Conduct operational audits to ensure the company meets operational requirements.

Resource and Education Leadership:

Set up the tools, resources and education for our customer-facing teams:

  • Manage a knowledgebase of compliance-related sales material.

  • Conduct compliance risk assessment training workshops when needed.

  • Own and curate the list of sub-processors.

Collaboration and Support:

As a key part of the Business Operations team, closely collaborate with engineering and GTM teams.

  • Be the first line of contact for compliance questionnaires and customer questions.

  • Serve as a nominated DPO.

Qualifications:
  • Proven experience in a senior compliance role.

  • Deep understanding of ISO-27001:2022.

  • Previous experience with Vanta, or similar compliance platform tooling.

  • Previous experience within a SaaS or technology environment.

  • Deep understanding of GDPR, and other relevant standards and regulations.

  • A knack for identifying opportunities to improve our compliance posture and customer experience.

  • Strong project management skills.

  • Relevant certifications (e.g., CIPP/E, CIPM, CISSP) are a plus.

What we offer
  • Competitive compensation and pre-IPO equity - we like to give our employees ownership with our stock package. When TheyDo succeeds, we all succeed.

  • Fully remote working with flexible hours - we're staunch advocates for autonomy and flexibility.

  • Company events - we regularly connect in-person to strategise, reflect or simply have fun. Our most recent offsites were held in the Netherlands and Spain.

  • Flexible holiday days - we love what we do, and equally love taking a break. We expect you to take a minimum of 25 days per year (in addition to public holidays)

  • Professional development reimbursement - we value learning and are happy to support you with books/conferences/courses that will benefit you in your role

  • Mental health/wellness reimbursement - we’ll support you in looking after your body/mind (meditation, mindfulness, or a yoga/gym membership)

  • Paid parental leave - we'll provide financial support and time off for you to bond with the newest little members of your family (6 months for the primary carer, and 6 weeks for the secondary carer - fully paid)

  • Home office or co-working support - we offer everyone the choice of home office reimbursement or co-working support

  • Latest tech & tools - MacBook Air, Pro or laptop, we want you to have the equipment that you’re most comfortable with. We use tools such as Gather, Slack, Notion, Loom, and G Suite to work collaboratively and asynchronously.

  • Continuous growth of our benefits package as we continue to grow in size

To any recruitment agencies, we appreciate you would like to support us but we do not accept any unsolicited CVs or introductions.

About TheyDo

Our core values are the driving force behind every decision we make.

We ‘Journey together’ along a path of collaboration and synchronization. In everything we do, we ‘Own it’, never shying away from taking action or making decisions. Our ‘Cloaks off’ mentality ensures that transparency and integrity reign supreme. Moreover, ‘Customer Fueled’ innovation is at the heart of our work, as we know that the success of our product is directly linked to how we involve our customers in the process.

TheyDo is an equal opportunities employer. Our customers are diverse, and we believe our organisation should be, too. We nurture an inclusive culture where everyone feels equally important, no matter their background or status. We will never discriminate on the grounds of gender, civil status, family status, sexual orientation, religion, age, disability, education, or race.

If you are a woman or part of an underrepresented group, we encourage you to apply. Even if you don’t check every box — your skills and perspective could be just what we need to succeed. We value diversity and know you bring something unique to the table!

Tags: Airtable Audits CIPP CISSP Compliance GDPR ISMS OpenAI Risk assessment SaaS SOC

Perks/benefits: Career development Competitive pay Conferences Equity Fitness / gym Flex hours Flex vacation Gear Health care Home office stipend Parental leave Team events Transparency Wellness Yoga

Region: Remote/Anywhere
Category: Compliance Jobs