Principal Compliance Officer
Remote (CET +/- 2)
TheyDo
TheyDo is a collaborative workspace for Customer Journey Management. Align customer needs with business results and make an impact together.
We’re TheyDo, a fully remote B2B SaaS organisation. Founded in 2019, we are the leading journey management platform, on a mission to make the customer journey the most powerful business tool there is.
In March 2024 we announced our latest funding round worth $34 million. Combined with our Series A raise in 2022 it takes our total investment to just under $50 million. Our angel investors include executives from Intercom, Miro, OpenAI, Amplitude, Slack, Airtable and more.
We support and partner with renowned enterprise organizations such as Cisco, Ford, Johnson & Johnson, Home Depot and Polestar, helping them manage their complex journeys and optimize them for efficient growth, removing the need for constant transformation.
We kicked off 2024 with a global team of 65 TheyDoers, representing over 30 nationalities across 20 countries.
This is just the beginning. Join our exciting journey as we scale to over 100 by the end of this year!
The Principal Compliance Officer will play a critical role in integrating InfoSec and compliance within our cross-functional operations.
Working directly with our Head of Ops and collaborating with engineering and sales leadership, this position is responsible for managing a comprehensive roadmap of certification and standardisation projects, aligning them with our business needs, and ensuring that our customer-facing teams are equipped with the necessary tools, resources, and knowledge to effectively communicate our compliance posture to clients.
Certification and Audit Management:
Manage roadmap of certification and standardisation projects based on business needs:
Lead the certification and audit processes of certifications such as ISO-27001:2022, SOC-2, and GDPR compliance.
Manage our ISMS, and the lifecycle and framework for internal policies.
Conduct operational audits to ensure the company meets operational requirements.
Resource and Education Leadership:
Set up the tools, resources and education for our customer-facing teams:
Manage a knowledgebase of compliance-related sales material.
Conduct compliance risk assessment training workshops when needed.
Own and curate the list of sub-processors.
Collaboration and Support:
As a key part of the Business Operations team, closely collaborate with engineering and GTM teams.
Be the first line of contact for compliance questionnaires and customer questions.
Serve as a nominated DPO.
Proven experience in a senior compliance role.
Deep understanding of ISO-27001:2022.
Previous experience with Vanta, or similar compliance platform tooling.
Previous experience within a SaaS or technology environment.
Deep understanding of GDPR, and other relevant standards and regulations.
A knack for identifying opportunities to improve our compliance posture and customer experience.
Strong project management skills.
Relevant certifications (e.g., CIPP/E, CIPM, CISSP) are a plus.
Competitive compensation and pre-IPO equity - we like to give our employees ownership with our stock package. When TheyDo succeeds, we all succeed.
Fully remote working with flexible hours - we're staunch advocates for autonomy and flexibility.
Company events - we regularly connect in-person to strategise, reflect or simply have fun. Our most recent offsites were held in the Netherlands and Spain.
Flexible holiday days - we love what we do, and equally love taking a break. We expect you to take a minimum of 25 days per year (in addition to public holidays)
Professional development reimbursement - we value learning and are happy to support you with books/conferences/courses that will benefit you in your role
Mental health/wellness reimbursement - we’ll support you in looking after your body/mind (meditation, mindfulness, or a yoga/gym membership)
Paid parental leave - we'll provide financial support and time off for you to bond with the newest little members of your family (6 months for the primary carer, and 6 weeks for the secondary carer - fully paid)
Home office or co-working support - we offer everyone the choice of home office reimbursement or co-working support
Latest tech & tools - MacBook Air, Pro or laptop, we want you to have the equipment that you’re most comfortable with. We use tools such as Gather, Slack, Notion, Loom, and G Suite to work collaboratively and asynchronously.
Continuous growth of our benefits package as we continue to grow in size
To any recruitment agencies, we appreciate you would like to support us but we do not accept any unsolicited CVs or introductions.
About TheyDo
Our core values are the driving force behind every decision we make.
We ‘Journey together’ along a path of collaboration and synchronization. In everything we do, we ‘Own it’, never shying away from taking action or making decisions. Our ‘Cloaks off’ mentality ensures that transparency and integrity reign supreme. Moreover, ‘Customer Fueled’ innovation is at the heart of our work, as we know that the success of our product is directly linked to how we involve our customers in the process.
TheyDo is an equal opportunities employer. Our customers are diverse, and we believe our organisation should be, too. We nurture an inclusive culture where everyone feels equally important, no matter their background or status. We will never discriminate on the grounds of gender, civil status, family status, sexual orientation, religion, age, disability, education, or race.
If you are a woman or part of an underrepresented group, we encourage you to apply. Even if you don’t check every box — your skills and perspective could be just what we need to succeed. We value diversity and know you bring something unique to the table!