Compliance and Privacy Officer

1 Month ago • 4-8 Years

Job Summary

Job Description

As Toku’s Compliance and Privacy Officer, you will lead privacy and security programs, ensuring adherence to regulatory standards like GDPR, SOC2, and ISO 27001. This pivotal role combines technical expertise and strategic project management to ensure regulatory adherence and data protection, shaping the future of compliance in the evolving crypto industry. Responsibilities include overseeing privacy and compliance frameworks, managing security protocols, technical leadership, and developing training programs. The role requires a strong understanding of encryption, authentication, and network security. The officer will also be the point of contact for privacy-related inquiries and audits.

Must have:

Drive security/privacy engineering, business practices, and programs in fintech.
Manage GDPR, SOC2, or ISO 27001 implementations.
Strong understanding of encryption, authentication, and network security.
Excellent written and verbal communication skills.

Good to have:

Familiarity with compliance management platforms like TrustArc or Drata.

7 skills required

7 skills required for this role

Add these skills to join the top 1% applicants for this job

saas-business-models

communication

ethical-hacking

quality-control

html

hr-operations

hris-human-resource-information-systems

Job Details

About Toku

Toku is the leading provider of compliance infrastructure for crypto companies, enabling them to pay employees in tokens and stablecoins while staying compliant with state, federal, and international tax laws. Our growing client list includes 30% of the crypto companies listed on Robinhood.

Backed by $26M from leading investors including Blockchain Capital and Naval Ravikant, Toku is scaling rapidly to meet the demand for compliance solutions in the evolving regulatory environment. Read more about Toku in Fortune, Yahoo Finance, and CoinDesk.

To learn more, check our website.

As Toku’s Compliance and Privacy Officer, you’ll lead privacy and security programs, ensuring adherence to regulatory standards like GDPR, SOC2, and ISO 27001. This pivotal role combines technical expertise and strategic project management to ensure regulatory adherence and data protection, shaping the future of compliance in the evolving crypto industry.

What you'll do

Oversee Privacy and Compliance Frameworks:
Oversee GDPR compliance practices and drive certification efforts with TrustArc/eTrust, a leading privacy compliance governance certifier.
Design and execute privacy and security programs and risk registers aligned with regulatory frameworks (e.g., SOC2, GDPR, ISO 27001).
Lead security and privacy program initiatives collaboratively across teams.
Act as a point of contact for privacy-related inquiries and audits.

Manage Security Protocols:
Develop and implement security protocols to ensure data integrity and protection.
Conduct system security audits and drive penetration testing.
Define access control measures, encryption standards, and secure data transfer protocols.

Technical Leadership:
Lead vulnerability assessments and remediation strategies.
Collaborate with engineering teams to integrate privacy-by-design and security-by-design principles.

Develop Training Programs:
Establish company-wide privacy and security training initiatives.
Stay current with evolving regulations and security threats, adapting strategies accordingly.

What we’re looking for

Bachelor’s or Master’s degree.
4-8 years of experience driving security/privacy engineering, business practices, and programs in a fintech SaaS or HRIS/payroll platform.
Proven track record managing GDPR, SOC2, or ISO 27001 implementations.
Strong understanding of encryption, authentication, and network security.
Familiarity with compliance management platforms like TrustArc or Drata.
Excellent written and verbal communication skills with the ability to simplify complex ideas for diverse audiences.

Certificates preferred

Certified Information Systems Security Professional (CISSP).
Certified Information Privacy Professional (CIPP/E, CIPP/US)ISO 27001.
Lead Implementer certification.

Why you’ll love working at Toku

Shape the future of the crypto compliance space during a pivotal regulatory moment.
Work alongside innovative clients and highly engaged industry-leading investors.
Join a fast-growing startup with a clear market need and a strong product-market fit.
Competitive salary, equity, and remote-friendly work culture.

Toku is an equal opportunity employer, and we are committed to being a diverse team that reflects a broad range of background, thought, and experience. We do not discriminate based on race, color, religion, sex, gender identity, sexual orientation, age, national origin, status as an individual with a disability, status as protected veteran, or any other legally protected characteristics. Women, minorities, LGBTQ+, and people from underrepresented backgrounds are strongly encouraged to apply.

We strongly encourage you use Rezi.ai to vet resume quality before applying.